From 0bc29f6c69f22f0adbbb3ed723d707f0d070c207 Mon Sep 17 00:00:00 2001
From: pierwill <19642016+pierwill@users.noreply.github.com>
Date: Fri, 19 Feb 2021 11:55:18 -0800
Subject: [PATCH] Document TLS configuration for meta nodes (#2196)

Document TLS configuration for meta nodes

Co-authored-by: kelseiv <47797004+kelseiv@users.noreply.github.com>
---
 .../v1.8/administration/config-meta-nodes.md  | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)

diff --git a/content/enterprise_influxdb/v1.8/administration/config-meta-nodes.md b/content/enterprise_influxdb/v1.8/administration/config-meta-nodes.md
index 6c4c2522e..6b79ca0ce 100644
--- a/content/enterprise_influxdb/v1.8/administration/config-meta-nodes.md
+++ b/content/enterprise_influxdb/v1.8/administration/config-meta-nodes.md
@@ -13,6 +13,7 @@ menu:
   * [Global options](#global-options)
   * [Enterprise license `[enterprise]`](#enterprise)
   * [Meta node `[meta]`](#meta)
+  * [TLS `[tls]`](#tls-settings)
 
 ## Meta node configuration settings
 
@@ -262,3 +263,24 @@ This value must be the same value as the
 To use this option, set [`auth-enabled`](#auth-enabled-false) to `true`.
 
 Environment variable: `INFLUXDB_META_INTERNAL_SHARED_SECRET`
+
+### TLS settings
+
+For more information, see [TLS settings for data nodes](/enterprise_influxdb/v1.8/administration/config-data-nodes#tls-settings).
+
+#### Recommended "modern compatibility" cipher settings
+
+```toml
+ciphers = [ "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
+            "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
+            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
+            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
+            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
+]
+
+min-version = "tls1.2"
+
+max-version = "tls1.2"
+
+```