harden haproxy TLS config according to mozilla
Bug #2060787 reported by
Sven Kieske
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
kolla-ansible |
In Progress
|
Medium
|
Sven Kieske | ||
Antelope |
Confirmed
|
Medium
|
Unassigned | ||
Bobcat |
Confirmed
|
Medium
|
Unassigned | ||
Caracal |
In Progress
|
Medium
|
Sven Kieske | ||
Yoga |
Confirmed
|
Medium
|
Unassigned | ||
Zed |
Confirmed
|
Medium
|
Unassigned |
Bug Description
Hi,
when testing openstack TLS endpoints using `sslyze` I get the following error:
COMPLIANCE AGAINST MOZILLA TLS CONFIGURATION
------
Checking results against Mozilla's "MozillaTlsConf
example.com:443: FAILED - Not compliant.
* ciphers: Cipher suites {'TLS_ECDHE_
I prepared a fix to harden the TLS config.
kind regards
Sven
Changed in kolla-ansible: | |
assignee: | nobody → Sven Kieske (s-kieske) |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/openstack /kolla- ansible/ +/915403
Review: https:/