Actions
Bug #20282
closed
Provide a more secure apache ssl.conf sslciphersuite configuration on by default
Difficulty:
Triaged:
Bugzilla link:
Description
Set the default ciphesuites for apache to a stronger setting then the default provided by the puppet module.
Updated by Ewoud Kohl van Wijngaarden over 7 years ago
- Subject changed from Provide a more secure apache ssl.conf sslciphersuite configuration on by default to Provide a more secure apache ssl.conf sslciphersuite configuration on by default
- Status changed from New to Need more information
We could use the modern cipher suite from https://mozilla.github.io/server-side-tls/ssl-config-generator/ but could you be a bit more specific? The linked bugzilla is not public.
Updated by Tomer Brisker over 7 years ago
yes, https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.4.6&openssl=1.0.1e&hsts=no&profile=intermediate should work for all our supported servers and browsers.
Updated by Tomer Brisker over 7 years ago
- Status changed from Need more information to New
Updated by The Foreman Bot over 7 years ago
- Status changed from New to Ready For Testing
- Assignee set to Tomer Brisker
- Pull request https://github.com/theforeman/foreman-installer/pull/236 added
Updated by Anonymous over 7 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 267653fadea7f443396ecf1443777dc5f6748ba4.
Updated by Eric Helms over 7 years ago
- Translation missing: en.field_release set to 276
Updated by The Foreman Bot over 7 years ago
- Pull request https://github.com/theforeman/foreman-installer/pull/237 added
Actions