Ver código fonte

Remove wheezy-specific Apache SSL config omission

Alex Payne 9 anos atrás
pai
commit
290a3b4312
1 arquivos alterados com 6 adições e 5 exclusões
  1. 6
    5
      roles/common/templates/etc_apache2_ssl.conf.j2

+ 6
- 5
roles/common/templates/etc_apache2_ssl.conf.j2 Ver arquivo

@@ -2,13 +2,14 @@ SSLEngine on
2 2
 SSLProtocol ALL -SSLv2 -SSLv3
3 3
 SSLHonorCipherOrder On
4 4
 SSLCompression off
5
-{% if ansible_distribution_release != 'wheezy' %}
6
-    SSLUseStapling On
7
-    SSLStaplingResponderTimeout 5
8
-    SSLStaplingReturnResponderErrors off
9
-{% endif %}
5
+SSLUseStapling On
6
+SSLStaplingResponderTimeout 5
7
+SSLStaplingReturnResponderErrors off
8
+
10 9
 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
10
+
11 11
 SSLCertificateFile      /etc/ssl/certs/wildcard_public_cert.crt
12 12
 SSLCertificateKeyFile   /etc/ssl/private/wildcard_private.key
13 13
 SSLCACertificateFile    /etc/ssl/certs/wildcard_ca.pem
14
+
14 15
 Header add Strict-Transport-Security "max-age=15768000; includeSubdomains"

Carregando…
Cancelar
Salvar