Merge "Disallow SSLv2, SSLv3 and TLS1.0 in httpd for FedRAMP compliance." into stable/queens

This commit is contained in:
Zuul 2018-04-23 11:13:11 +00:00 committed by Gerrit Code Review
commit 7235d2a58d
1 changed files with 1 additions and 0 deletions

View File

@ -98,6 +98,7 @@ outputs:
-
generate_service_certificates: true
apache::mod::ssl::ssl_ca: {get_param: InternalTLSCAFile}
apache::mod::ssl::ssl_protocol: ['all', '-SSLv2', '-SSLv3', '-TLSv1']
tripleo::certmonger::apache_dirs::certificate_dir: '/etc/pki/tls/certs/httpd'
tripleo::certmonger::apache_dirs::key_dir: '/etc/pki/tls/private/httpd'
apache_certificates_specs: