2025-10-03: Maverics Console Release Notes

Prev Next

Feature Updates

TLS Configuration Flexibility

We've improved how TLS certificates and TLS policies (e.g min TLS version, enabled ciphers) are configured, giving you more flexibility and better security controls.

Orchestrator Update Required to Use

To take advantage of this capability you need to use Orchestrator release v.2025.10.1 or higher.

What Changed

TLS environment variables now only override certificate and key paths — they no longer override your entire TLS configuration block. This means you can now:

  • Define TLS certificate paths via environment variables (e.g., MAVERICS_TLS_CERT, MAVERICS_TLS_KEY)

  • Configure TLS policies through in the Deployment Manager

  • Use both methods simultaneously without conflict

Why This Matters

Enhanced Security Posture

Previously, setting TLS environment variables could unintentionally ignore UI-configured TLS policies.  This change ensures your cipher policies remain enforced regardless of how certificates are provided.

Simplified Compliance & Auditing

TLS policies configured in the Maverics Console are now preserved and easily referenced during security audits, making it simpler to demonstrate that unauthorized ciphers are blocked and compliance requirements are met.

Flexible Configuration

You can now leverage the strengths of both configuration methods:

  • Environment variables for certificate management (ideal for secret management systems and deployment automation)

  • UI-based policies for cipher configuration (ideal for audit trails and centralized policy management)

What You Need to Know

Orchestrator Update Required: You need to be using Orchestrator v.2025.10.1 to take advantage of this feature.

No breaking changes — Existing configurations will continue to work

Recommended approach — Configure cipher policies in the UI for better audit-ability, while managing certificates via environment variables or the UI based on your deployment needs

Verified behavior — Cipher policies set in the UI are preserved when TLS environment variables are configured