b0c2cd7b4c
The value of gunicorn's option 'cert_reqs` for client-cert requirement does not take a boolean, but rather `ssl.CERT_REQUIRED` which is `2`. Story: 2006660 Task: 36916 SecurityImpact: CVE-2019-17134 Change-Id: I5619f5e40d7c9a2ee7741bf4664c0d2d08963992
6 lines
135 B
YAML
6 lines
135 B
YAML
---
|
|
security:
|
|
- |
|
|
Correctly require two-way certificate authentication to connect to the
|
|
amphora agent API (CVE-2019-17134).
|