From b018162d370531ffe224aee92fee0e45b19b74d6 Mon Sep 17 00:00:00 2001
From: Andrew Bonney <andrew.bonney@bbc.co.uk>
Date: Mon, 10 Jan 2022 13:44:07 +0000
Subject: [PATCH] Fix definition of ssl_protocol

The syntax for TLS 1.0 is incorrect for Apache servers
which appear to be the only users of this variable.

Depends-On: https://review.opendev.org/c/openstack/openstack-ansible/+/823971
Change-Id: I4a66a5b24f03eadc0fe758065749a7ae15a013d8
---
 inventory/group_vars/all/ssl.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/inventory/group_vars/all/ssl.yml b/inventory/group_vars/all/ssl.yml
index 86346d84dd..db40746fcb 100644
--- a/inventory/group_vars/all/ssl.yml
+++ b/inventory/group_vars/all/ssl.yml
@@ -16,7 +16,7 @@
 ## SSL
 # These do not need to be configured unless you're creating certificates for
 # services running behind Apache (currently, Horizon and Keystone).
-ssl_protocol: "ALL -SSLv2 -SSLv3 -TLSv1.0 -TLSv1.1"
+ssl_protocol: "ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1"
 # Cipher suite string from https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
 ssl_cipher_suite: "ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS"