Uploaded image for project: 'Modules'
  1. Modules
  2. MODULES-2044

Should generate secure SSL configuration by default

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • None
    • None
    • apache
    • CentOS 7

    Description

      If I use the SSL cert and configuration autogenerated with this module, I get the following alerts from https://www.ssllabs.com/ssltest :

      Certificate has a weak signature and expires after 2016. Upgrade to SHA2 to avoid browser warnings.

      This server accepts the RC4 cipher, which is weak. Grade capped to B.

      It would be great if the module provided a best-practices configuration out of the box.

      Attachments

        Activity

          People

            tp Thomas Honey
            koalillo Alejandro Córcoles
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Zendesk Support