In a routine vulnerability scan I noticed that the TLS port 2375 supports TLS 1.0, which is a security concern. I couldn’t see a way to specifically configure a TLS version in dockercloud-agent.conf.
The PCI (Payment Card Industry) Data Security Standard requires a minimum of TLS v1.1 and recommends TLS v1.2. In addition, the FIPS 140-2 standard requires a minimum of TLS v1.1 and recommends TLS v1.2.
I wonder if this is no longer the case in newer versions of the engine. Docker Cloud Agent is still Docker 1.9.1, which is 8 months old!