Evaluates whether TLS 1.3 is enabled for each CDN domain name. Domain names with TLS 1.3 enabled are evaluated as Compliant.
Scenarios
TLS security policies ensure the security, integrity, and reliability of data transferred over the Internet. Higher TLS versions provide more secure HTTPS communication.
Risk level
Default risk level: high.
You can change the risk level based on your business requirements.
Compliance evaluation logic
-
If TLS 1.3 is enabled for each domain name accelerated by Alibaba Cloud CDN, the evaluation result is Compliant.
-
If TLS 1.3 is disabled for a domain name accelerated by Alibaba Cloud CDN, the evaluation result is Non-compliant.
Rule details
|
Parameter |
Description |
|
Rule name |
cdn-domain-tls13-enabled |
|
Rule identifier |
|
|
Tag |
CDN and CDN Domain |
|
Automatic remediation |
Not supported |
|
Trigger type |
Configuration change |
|
Supported resource type |
Domain names |
|
Input parameter |
None |
Non-compliance remediation
Enable TLS 1.3 for each domain name accelerated by Alibaba Cloud CDN. For more information, see Domain configuration functions.