Skip to content
Snippets Groups Projects
Commit c83e9d19 authored by Zuul's avatar Zuul Committed by Gerrit Code Review
Browse files

Merge "Disable TLS 1.1 on haproxy"

parents f7101cd4 16df54ea
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
ansible/roles/haproxy/templates/haproxy.cfg.j2
+ 1
1
View file @ c83e9d19
...@@ -16,7 +16,7 @@ global ...@@ -16,7 +16,7 @@ global
stats socket /var/lib/kolla/haproxy/haproxy.sock group kolla mode 660 stats socket /var/lib/kolla/haproxy/haproxy.sock group kolla mode 660
{% if kolla_enable_tls_external | bool %} {% if kolla_enable_tls_external | bool %}
ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES ssl-default-bind-ciphers DEFAULT:!MEDIUM:!3DES
ssl-default-bind-options no-sslv3 no-tlsv10 ssl-default-bind-options no-sslv3 no-tlsv10 no-tlsv11
tune.ssl.default-dh-param 4096 tune.ssl.default-dh-param 4096
{% endif %} {% endif %}
......
releasenotes/notes/disable_tlsv11-51d6be67d593f7ab.yaml 0 → 100644
+ 5
0
View file @ c83e9d19
---
security:
- |
Disable TLS 1.1 on haproxy for external network if
tls is enabled.
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment