Use only TLSv1 and greater to depoodle
The poodle SSLv3 vulnerability is a good reason to stop using SSLv3. Switch to TLS everywhere in our apache vhost configs. Change-Id: If7b18174253b6f185e029f97bfa77d8ad4941385
This commit is contained in:
		| @@ -23,6 +23,7 @@ | |||||||
|   CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined |   CustomLog ${APACHE_LOG_DIR}/<%= scope.lookupvar("etherpad_lite::apache::vhost_name") %>-ssl-access.log combined | ||||||
|  |  | ||||||
|   SSLEngine on |   SSLEngine on | ||||||
|  |   SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2 | ||||||
|  |  | ||||||
|   SSLCertificateFile      <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %> |   SSLCertificateFile      <%= scope.lookupvar("etherpad_lite::apache::ssl_cert_file") %> | ||||||
|   SSLCertificateKeyFile   <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %> |   SSLCertificateKeyFile   <%= scope.lookupvar("etherpad_lite::apache::ssl_key_file") %> | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user
	 Clark Boylan
					Clark Boylan