We are running Chronograf 1.8.0, InfluxDB 1.7.10, Telegraf 1.13.4, and Kapacitor 1.5.4 on Ubuntu 16.04. Our information security team routinely scans all of our servers with Nessus, and recent scans have found that Chronograf is allowing connections over SSLv3. The security team has asked me to disable SSLv3 (and TLS 1.0, if possible) for Chronograf.
I’ve read through the Configuring Chronograf documentation, looked around the source code on Github, and Googled around a bit, but I haven’t been able to find a way to enable/disable specific HTTPS encryption options. Is there a way to configure this for Chronograf? Or is this something that is configured outside of Chronograf on the host?