Bug #27656: Inconsistent "SSLVerifyDepth" value in configurations will cause Apache to request unnecessary SSL renegotiation - Installer - Foreman

Actions

Copy link

Bug #27656

closed

Inconsistent "SSLVerifyDepth" value in configurations will cause Apache to request unnecessary SSL renegotiation

Added by Ewoud Kohl van Wijngaarden over 5 years ago. Updated over 5 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Ewoud Kohl van Wijngaarden

Category:

Target version:

Difficulty:

Triaged:

Bugzilla link:

1723765

Pull request:

https://github.com/theforeman/puppet-katello/pull/298

Fixed in Releases:

Foreman - 1.24.0

Found in Releases:

Red Hat JIRA:

Description

Inconsistent "SSLVerifyDepth" value in the following 2 Apache configuration files (Foreman and Katello) can cause Apache to request unnecessary SSL secure renegotiation to the client (such as web browser). This will trigger security alert to an environment that running IPS, such as MacAfee IPS. Change the value of this directive to '3' in both file does prevent the renegotiation.

/etc/httpd/conf.d/05-foreman-ssl.conf
/etc/httpd/conf.d/05-foreman-ssl.d/katello.conf

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Foreman » Installer

Custom queries

Bug #27656

Inconsistent "SSLVerifyDepth" value in configurations will cause Apache to request unnecessary SSL renegotiation

Updated by The Foreman Bot over 5 years ago

Updated by The Foreman Bot over 5 years ago

Updated by Ewoud Kohl van Wijngaarden over 5 years ago