Bug #14685: Ability to set SSL Ciphers, Order & Compression during install - Installer - Foreman

Actions

Copy link

Bug #14685

closed

Ability to set SSL Ciphers, Order & Compression during install

Added by Duncan Innes about 8 years ago. Updated over 6 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Category:

Target version:

Difficulty:

Triaged:

Bugzilla link:

Pull request:

Fixed in Releases:

Found in Releases:

Foreman - 1.11.0

Red Hat JIRA:

Description

User needs the ability to set:

SSLCipherSuite
SSLHonorCipherOrder
SSLCompression

values to be used in:

/etc/httpd/conf.d/25-puppet.conf
/etc/httpd/conf.d/ssl.conf

The requirement is due to security settings that restrict the Ciphers and compression beyond the default values used in a Katello install. Manual adjustment can be made to these files while the services are offline, but these foreman-installer would overwrite these custom settings during the next upgrade.

Is it possible to have these values set via foreman-installer command line flags?

Actions

Copy link

Updated by Ewoud Kohl van Wijngaarden over 6 years ago

Status changed from New to Resolved

We ship better defaults now. The ciphers and ssl protocols are exposed as parameters except for puppet + passenger since that's deprecated in favor of puppetserver. We do allow overriding them with hiera though.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Installer

Custom queries

Bug #14685

Ability to set SSL Ciphers, Order & Compression during install

Updated by Ewoud Kohl van Wijngaarden over 6 years ago