|
5c0a7c2c72
|
group_vars/all: Update TLS cipher suite
Use latest Mozilla intermediate suite:
https://wiki.mozilla.org/Security/Server_Side_TLS
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2015-09-02 15:11:57 +03:00 |
|
|
54993d6d6b
|
Update tls cipher suite with latest string from Mozilla TLS guide
https://wiki.mozilla.org/Security/Server_Side_TLS states"
Version 3.3: ulfr: fix SHA256 prio, add POODLE details, update various templates
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2014-10-25 12:36:19 +03:00 |
|
|
81a98596e3
|
Downgrade TLS configuration to Mozilla's "intermediate" spec
From looking at the list of clients who would be allowed to connect
when using the "modern" spec, I think I'd be doing more harm than
good to use that config right now...
https://www.ssllabs.com/ssltest/analyze.html?d=alaninkenya.org
https://wiki.mozilla.org/Security/Server_Side_TLS
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2014-10-09 21:09:18 +03:00 |
|
|
ad8a704470
|
Update TLS configuration to Mozilla's "modern" spec
Details, see:
- https://jve.linuxwall.info/blog/index.php?post/2014/10/09/Automated-configuration-analysis-for-Mozilla-s-TLS-guidelines
- https://wiki.mozilla.org/Security/Server_Side_TLS
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2014-10-09 20:56:08 +03:00 |
|
|
1e54507b05
|
group_vars/all: Remove host-specific configs
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2014-08-25 11:45:08 +03:00 |
|
|
60b8ecdd4c
|
Initial commit
Signed-off-by: Alan Orth <alan.orth@gmail.com>
|
2014-08-17 00:35:57 +03:00 |
|