Rancher rke k8s using TLS weak cipher suites issue

Hi! I’m using Rancher v2.5.5 and RKE kubernetes (launching with Rancher, 1.19.4 k8s).
We check CVE vulnerability and find that etcd uses.
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
How can i disabled that cipher??

Thank you for reply!!
I try to find a way to configure ‘extra_args’ to ‘etcd’ service.
But I can’t…

I already have three etcd node.
Can i just put “ciphers” to etcd’s extra_args?
Is there any guide or docs about that…?

I think these links are related.

But i don’t know where can i find cluster.yaml file…
I launched rke k8s following this guide (https://rancher.com/docs/rancher/v2.x/en/cluster-provisioning/rke-clusters/custom-nodes/), I didn’t use cluster.yaml.

How to configure/apply extra_args to etcd nodes that are already running…?

I solved it.
Rancher UI → Cluster → Edit → Edit as YAML
services > etcd > extra_args >
And add
cipher-suites: ‘CIPHER_1,CIPHER_2’

Thank you!!