diff options
author | Silvio Rhatto <rhatto@riseup.net> | 2013-07-16 15:21:39 -0300 |
---|---|---|
committer | Silvio Rhatto <rhatto@riseup.net> | 2013-07-16 15:21:39 -0300 |
commit | c28aff37223e5a9692dc48fc6751af201d77a3a3 (patch) | |
tree | b541c2a6350b8047f7fd7a0c0863767b4b16e741 /templates | |
parent | 8f41b04563c28f4db3baa9efa55156ed1edb74cd (diff) | |
download | puppet-apache-c28aff37223e5a9692dc48fc6751af201d77a3a3.tar.gz puppet-apache-c28aff37223e5a9692dc48fc6751af201d77a3a3.tar.bz2 |
Enhancing SSL config
Diffstat (limited to 'templates')
-rw-r--r-- | templates/site.erb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/templates/site.erb b/templates/site.erb index 9e5763f..f2443f9 100644 --- a/templates/site.erb +++ b/templates/site.erb @@ -62,9 +62,10 @@ <% end %> # SSL Configuration SSLEngine on - SSLProtocol -all +SSLv3 +TLSv1 - SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH + SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2 + SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH SSLHonorCipherOrder on + SSLCompression off SSLCertificateFile /etc/ssl/certs/<%= title %>.crt SSLCertificateKeyFile /etc/ssl/private/<%= title %>.pem </VirtualHost> |