Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

pagure: Disable SSLv2, SSLv3, TLS1.0 and leave TLS1.1 and 1.2 enabled. (ticket 8231)

Browse source 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
This commit is contained in:
Kevin Fenzi 2019-09-23 17:59:01 +00:00 committed by Pierre-Yves Chibon
parent a9c97618a1
commit b1d3cf582e
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/pagure/frontend/templates/stunnel-conf.j2
View file

@ -8,6 +8,9 @@ key = /etc/pki/tls/certs/pagure.io.key
pid = /var/run/stunnel.pid
[{{ stunnel_service }}]
sslVersion = all
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1
accept = {{ stunnel_source_port }}
connect = {{ stunnel_destination_port }}