Details
Do not disable the secure port.
Rationale:
The secure port is used to serve https with authentication and authorization. If you disable it, no https traffic is served and all traffic is served unencrypted.
Solution
Edit the API server pod specification file ‘/etc/kubernetes/manifests/kube-apiserver.yaml’ on the master node and either remove the ‘–secure-port’ parameter or set it to a different (non-zero) desired port.
Impact:
You need to set the API Server up with the right TLS certificates.
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.