Unify all ssl cipher suite configurations

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
author: Patrick Uiterwijk <puiterwijk@redhat.com> 2016-08-30 19:36:53 +0000
committer: Patrick Uiterwijk <puiterwijk@redhat.com> 2016-08-31 19:28:26 +0000
commit: f1dd7a74327b5c9a22e159b0fa5a4de815303864 (patch)
tree: d3b103f11ba13961a4eb2d5ec7bbb0c7daa3b5c0 /files/httpd
parent: 215c38198e4a7a70b3ef4c7935e16e5a61ee2fef (diff)
download: ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.tar.gz
ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.tar.xz
ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.zip
1 files changed, 2 insertions, 3 deletions
diff --git a/files/httpd/newvirtualhost.conf.j2 b/files/httpd/newvirtualhost.conf.j2
index 18c7a2e8a..a00dd53db 100644
--- a/files/httpd/newvirtualhost.conf.j2
+++ b/files/httpd/newvirtualhost.conf.j2
@@ -15,13 +15,12 @@
   #   SSL Protocol support:
   # List the enable protocol levels with which clients will be able to
   # connect.  Disable SSLv2 access by default:
-  SSLProtocol all -SSLv2
+  SSLProtocol {{ ssl_protocols }}
 
   #   SSL Cipher Suite:
   # List the ciphers that the client is permitted to negotiate.
   # See the mod_ssl documentation for a complete list.
-  #SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
-  SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
+  SSLCipherSuite {{ ssl_ciphers }}
 
   #   Server Certificate:
   # Point SSLCertificateFile at a PEM encoded certificate.  If
author	Patrick Uiterwijk <puiterwijk@redhat.com>	2016-08-30 19:36:53 +0000
committer	Patrick Uiterwijk <puiterwijk@redhat.com>	2016-08-31 19:28:26 +0000
commit	f1dd7a74327b5c9a22e159b0fa5a4de815303864 (patch)
tree	d3b103f11ba13961a4eb2d5ec7bbb0c7daa3b5c0 /files/httpd
parent	215c38198e4a7a70b3ef4c7935e16e5a61ee2fef (diff)
download	ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.tar.gz ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.tar.xz ansible-f1dd7a74327b5c9a22e159b0fa5a4de815303864.zip