Set gcomm_cipher to an appropriate value if FIPS is enabled
The default cipher set via puppet-tripleo is AES128-SHA256 for mysql and this is not allowed in FIPS. This commit overrides this value to be 'ECDHE-RSA-AES256-GCM-SHA384' if FIPS is enabled. Depends-on: I7f47741d4b2a5a3473d24439689cc358bf7738f0 Change-Id: I386ce0d7459cc9750172849215440cd532fb2618
This commit is contained in:
parent
5fb9d7ecb6
commit
070bc335b6
|
@ -7,3 +7,6 @@ parameter_defaults:
|
|||
|
||||
# Add RabbitAdditionalErlArgs for FIPS
|
||||
RabbitFIPS: true
|
||||
|
||||
# Override gcomm_cipher for FIPS
|
||||
MysqlGaleraSSLCipher: 'ECDHE-RSA-AES256-GCM-SHA384'
|
||||
|
|
Loading…
Reference in New Issue