Inconsistent "SSLVerifyDepth" value in configurations will cause Apache to request unnecessary SSL renegotiation
Inconsistent "SSLVerifyDepth" value in the following 2 Apache configuration files (Foreman and Katello) can cause Apache to request unnecessary SSL secure renegotiation to the client (such as web browser). This will trigger security alert to an environment that running IPS, such as MacAfee IPS. Change the value of this directive to '3' in both file does prevent the renegotiation.
#3 Updated by Ewoud Kohl van Wijngaarden 11 months ago
- Status changed from Ready For Testing to Closed
Applied in changeset puppet-katello|6ba99532dec262b8978970ee1394dc6d1acc3f2c.