Fix SSL/TLS ciphers/options for HAProxy services
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fuel for OpenStack |
Won't Fix
|
Medium
|
Fuel Documentation Team | ||
Mitaka |
Confirmed
|
Medium
|
Fuel Documentation Team |
Bug Description
https:/
Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.
commit d5c3e19399807b0
Author: Maksim Malchuk <email address hidden>
Date: Mon Jun 27 23:43:35 2016 +0300
Fix SSL/TLS ciphers/options for HAProxy services
* implement the same SSL/TLS ciphers as for Fuel master node (disable
WEAK DHE ciphers but leave TLSv1 working: LP#1497195
* remove useless dh_param options because they not needed anymore
* move the ciphers list to the cluster::haproxy parameters and don't
repeat this list in the several configuration files (DRY)
* prepare for an upgrade and move the options list to global settings
too (DRY) (TODO)
* ssl_default_ciphers can be changed by end user via hiera
DocImpact
Change-Id: I5e5784521641ea
Closes-Bug: #1594359
Signed-off-by: Maksim Malchuk <email address hidden>
(cherry picked from commit 996058caddcd57e
Changed in fuel: | |
assignee: | nobody → Fuel Documentation Team (fuel-docs) |
Changed in fuel: | |
status: | New → Confirmed |
importance: | Undecided → Medium |
milestone: | none → 9.2 |
Changed in fuel: | |
status: | Confirmed → Won't Fix |