Revision 07a23f55
Added by Ewoud Kohl van Wijngaarden over 9 years ago
| manifests/server/passenger.pp | ||
|---|---|---|
|
ssl_ca => $ssl_ca_cert,
|
||
|
ssl_crl => $ssl_ca_crl,
|
||
|
ssl_chain => $ssl_chain,
|
||
|
ssl_protocol => 'ALL -SSLv2',
|
||
|
ssl_cipher => 'ALL:!aNULL:!eNULL:!DES:!3DES:!IDEA:!SEED:!DSS:!PSK:!RC4:!MD5:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXP',
|
||
|
ssl_protocol => 'ALL -SSLv2 -SSLv3',
|
||
|
ssl_cipher => 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA',
|
||
|
ssl_honorcipherorder => 'on',
|
||
|
ssl_verify_client => 'optional',
|
||
|
ssl_options => '+StdEnvVars +ExportCertData',
|
||
Also available in: Unified diff
Update passenger SSL settings to the latest
This copies the protocol and cipher settings from upsteam:
https://github.com/puppetlabs/puppet/commit/204b2974bf7d10a41b10532c7565de36e993276a
Fixes GH-195