Fix SSL/TLS ciphers/options for HAProxy services
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Fuel for OpenStack |
Confirmed
|
Medium
|
Fuel Documentation Team | ||
Bug Description
https:/
Dear bug triager. This bug was created since a commit was marked with DOCIMPACT.
commit 996058caddcd57e
Author: Maksim Malchuk <email address hidden>
Date: Mon Jun 27 23:43:35 2016 +0300
Fix SSL/TLS ciphers/options for HAProxy services
* implement the same SSL/TLS ciphers as for Fuel master node (disable
WEAK DHE ciphers but leave TLSv1 working: LP#1497195
* remove useless dh_param options because they not needed anymore
* move the ciphers list to the cluster::haproxy parameters and don't
repeat this list in the several configuration files (DRY)
* prepare for an upgrade and move the options list to global settings
too (DRY) (TODO)
* ssl_default_ciphers can be changed by end user via hiera
DocImpact
Change-Id: I5e5784521641ea
Closes-Bug: #1594359
Signed-off-by: Maksim Malchuk <email address hidden>
| Changed in fuel: | |
| assignee: | nobody → Fuel Documentation Team (fuel-docs) |
| status: | New → Confirmed |
| importance: | Undecided → Medium |
| milestone: | none → 10.0 |
| tags: | added: area-docs |
