mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2025-02-25 18:55:28 -06:00
Don't use weak ciphers for client HTTPS connections
https://pagure.io/freeipa/issue/6730 Reviewed-By: Martin Basti <mbasti@redhat.com>
This commit is contained in:
Stanislav Laznicka
committed by
Tomas Krizek
Tomas Krizek
parent
61cd4372e1
commit
fda22c3344
@@ -296,3 +296,6 @@ TLS_VERSIONS = [
|
||||
"tls1.2"
|
||||
]
|
||||
TLS_VERSION_MINIMAL = "tls1.0"
|
||||
# high ciphers without RC4, MD5, TripleDES, pre-shared key
|
||||
# and secure remote password
|
||||
TLS_HIGH_CIPHERS = "HIGH:!aNULL:!eNULL:!MD5:!RC4:!3DES:!PSK:!SRP"
|
||||
|
||||
Reference in New Issue
Block a user