Commit Graph

6 Commits

Author SHA1 Message Date
5c0a7c2c72 group_vars/all: Update TLS cipher suite
Use latest Mozilla intermediate suite:

https://wiki.mozilla.org/Security/Server_Side_TLS

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2015-09-02 15:11:57 +03:00
54993d6d6b
Update tls cipher suite with latest string from Mozilla TLS guide
https://wiki.mozilla.org/Security/Server_Side_TLS states"

    Version 3.3: ulfr: fix SHA256 prio, add POODLE details, update various templates

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-25 12:36:19 +03:00
81a98596e3
Downgrade TLS configuration to Mozilla's "intermediate" spec
From looking at the list of clients who would be allowed to connect
when using the "modern" spec, I think I'd be doing more harm than
good to use that config right now...

https://www.ssllabs.com/ssltest/analyze.html?d=alaninkenya.org
https://wiki.mozilla.org/Security/Server_Side_TLS

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-09 21:09:18 +03:00
ad8a704470
Update TLS configuration to Mozilla's "modern" spec
Details, see:

- https://jve.linuxwall.info/blog/index.php?post/2014/10/09/Automated-configuration-analysis-for-Mozilla-s-TLS-guidelines
- https://wiki.mozilla.org/Security/Server_Side_TLS

Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-09 20:56:08 +03:00
1e54507b05
group_vars/all: Remove host-specific configs
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-25 11:45:08 +03:00
60b8ecdd4c
Initial commit
Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-08-17 00:35:57 +03:00