We have setup our api service behind an App Engine's flexible environment. We are currently on the Bronze support plan.
We were recently audited by a security contractor and one of the issues reported back to us is the fact that our service accepts older versions of TLS.
I found a couple similar questions abound this topic, namely:
- How to update TLS version
- Google App Engine Node.js TLS 1.2
- Is there a way to customize nginx proxy in google flexible appengine
So, the information I gathered by now is that cannout customize this, but I might be able to request for our load balancer to only support TLS >= 1.2. Is this info still valid as of 2020?
If it is, could someone help me figure out how? I seem to only find the chat and phone support for Billing issues. Do I need to request for someone to update our support plan for this kind of request?
