19825273 horizon default config should disable SSL 2 & 3 s11-update
authorDrew Fisher <drew.fisher@oracle.com>
Fri, 17 Oct 2014 12:24:12 -0700
branchs11-update
changeset 3409 53d60770c45d
parent 3401 bd976a0fa74e
child 3410 840954262ba5
19825273 horizon default config should disable SSL 2 & 3
components/openstack/horizon/files/openstack-dashboard-tls.conf
--- a/components/openstack/horizon/files/openstack-dashboard-tls.conf	Fri Oct 17 09:32:29 2014 -0700
+++ b/components/openstack/horizon/files/openstack-dashboard-tls.conf	Fri Oct 17 12:24:12 2014 -0700
@@ -20,6 +20,10 @@
     ServerName openstack.example.com
 
     SSLEngine On
+
+    # Disable the known insecure SSLv2 & SSLv3 protocols
+    SSLProtocol all -SSLv2 -SSLv3
+
     #
     # For an overview on SSL with Apache see:
     #    http://httpd.apache.org/docs/2.2/ssl/ssl_howto.html