Merge pull request #89664 from ShaunaDiaz/OSDOCS-11186

OSDOCS-11186: adds TLS config params MicroShift

Author: ShaunaDiaz

modules/microshift-config-parameters-table.adoc

@@ -53,9 +53,21 @@ The following table explains {microshift-short} configuration YAML parameters an
 |Fully qualified domain names (FQDNs), wildcards such as `*.domain.com`, or IP addresses.
 |Subject Alternative Names for API server certificates. SANs indicate all of the domain names and IP addresses that are secured by a certificate.
 
+|`tls`
+|`list`
+|Defines the transport later protocol (TLS) used and the cipher suites allowed. Provides security for the exposed {microshift-short} API server and internal control plane endpoints.
+
+|`tls.cipherSuites`
+|`string`
+|Lists the allowed cipher suites that the API server accepts and serves. Defaults to the cipher suites allowed with the TLS specification set in the `tls.minVersion` parameter.
+
+|`tls.minVersion`
+|`VersionTLS12` or `VersionTLS13`
+|Specifies the minimum version of TLS to serve from the API serve. Default is value is `VersionTLS12`. TLS 1.3 ciphers are preset and not configurable.
+
 |`debugging.logLevel`
 |`Normal`, `Debug`, `Trace`, or `TraceAll`
-|Log verbosity. Default is `Normal`.
+|Log verbosity. Default value is is `Normal`.
 
 |`dns.baseDomain`
 |`valid domain`

modules/microshift-default-settings.adoc

@@ -31,6 +31,10 @@ apiServer:
       names:
         - ""
   subjectAltNames: []
+  tls:
+    cipherSuites:
+            - ""
+    minVersion: VersionTLS12
 debugging:
   logLevel: "Normal"
 dns: