The charms should do sane things by default:
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
and be opinionated about what is secure based on recognised security standards.
So I'd prefer not to have an config option here but to review our default baseline for SSL TLS termination and update if need be.
The charms should do sane things by default:
SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 !MD5:!aNULL: !eNULL: !EXP:!LOW: !MEDIUM
SSLCipherSuite HIGH:!RC4:
and be opinionated about what is secure based on recognised security standards.
So I'd prefer not to have an config option here but to review our default baseline for SSL TLS termination and update if need be.