diff options
author | Martin Basti <mbasti@redhat.com> | 2016-03-03 17:39:34 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-03-09 10:04:58 +0100 |
commit | dd86f83c96961390f756e35496447d6aeae64df6 (patch) | |
tree | cb743f6370eaa2534d2d505343a702f390cbfc3d /install/updates | |
parent | abe3abb46699428038cd77f13b814de69fd7d0a2 (diff) | |
download | freeipa-dd86f83c96961390f756e35496447d6aeae64df6.tar.gz freeipa-dd86f83c96961390f756e35496447d6aeae64df6.tar.xz freeipa-dd86f83c96961390f756e35496447d6aeae64df6.zip |
Configure 389ds with "default" cipher suite
nsSSLCiphers: "default" provides only secure ciphers that should be used when
connecting to DS
https://fedorahosted.org/freeipa/ticket/5684
Reviewed-By: Fraser Tweedale <ftweedal@redhat.com>
Diffstat (limited to 'install/updates')
-rw-r--r-- | install/updates/20-sslciphers.update | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/install/updates/20-sslciphers.update b/install/updates/20-sslciphers.update index b0c952f49..978a44ba4 100644 --- a/install/updates/20-sslciphers.update +++ b/install/updates/20-sslciphers.update @@ -1,6 +1,6 @@ # change configured ciphers -# the result of this update will be that all ciphers -# provided by NSS which ar not weak will be enabled +# the result of this update will be that default ciphers +# provided by DS which are not weak will be enabled dn: cn=encryption,cn=config -only:nsSSL3Ciphers: +all +only:nsSSL3Ciphers: default addifnew:allowWeakCipher: off |