freeipa/ipaplatform/redhat
Christian Heimes 0451db9d3f Enable TLS 1.3 support on the server
urllib3 now supports post-handshake authentication with TLS 1.3. Enable
TLS 1.3 support for Apache HTTPd.

The update depends on bug fixes for TLS 1.3 PHA support in urllib3 and
Apache HTTPd. New builds are available in freeipa-master COPR and in
F30/F31.

Overwrite crypto-policy on Fedora only. Fedora 31 and earlier have TLS
1.0 and 1.1 still enabled by default.

Fixes: https://pagure.io/freeipa/issue/8125
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
2019-12-02 16:48:07 +01:00
..
__init__.py Split off generic Red Hat-like platform code from Fedora platform code 2014-10-09 15:37:24 +02:00
authconfig.py authconfig.py: restore user-nsswitch.conf at uninstall time 2019-08-29 17:34:27 +02:00
constants.py Use system-wide crypto policy for TLS ciphers 2019-07-02 16:38:00 +02:00
paths.py Use tasks to configure automount nsswitch settings 2019-08-28 22:15:50 -04:00
services.py Add ExecStartPost hook to wait for Dogtag PKI 2019-04-24 09:09:28 +02:00
tasks.py Enable TLS 1.3 support on the server 2019-12-02 16:48:07 +01:00