Use horizon_ssl_protocol variable
This fix help in overriding the required ssl_protocol. Enabling TLS 1.0 and
TLS 1.1 as it prone to TLS Supported Cipher Suites Vulnerability and
using TLSv1.2 will remediate this vulnerability.
Change-Id: I4f7541a1e8e24e38aa8b9dcd84171c380d04c3d8
(cherry picked from commit 896b2c72cf
)
This commit is contained in:
parent
c0ebe80bd3
commit
b0e6711248
@ -24,7 +24,7 @@
|
||||
SSLCACertificateFile {{ horizon_ssl_ca_cert }}
|
||||
{% endif -%}
|
||||
SSLCompression Off
|
||||
SSLProtocol All -SSLv2 -SSLv3
|
||||
SSLProtocol {{ horizon_ssl_protocol }}
|
||||
SSLHonorCipherOrder On
|
||||
SSLCipherSuite {{ horizon_ssl_cipher_suite }}
|
||||
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
|
||||
|
Loading…
Reference in New Issue
Block a user