[MODULES-2044] Should generate secure SSL configuration by default - Puppet Tickets

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: apache
Labels:
- puppetlabs-apache
- ssl
Environment:

CentOS 7

Description

If I use the SSL cert and configuration autogenerated with this module, I get the following alerts from https://www.ssllabs.com/ssltest :

Certificate has a weak signature and expires after 2016. Upgrade to SHA2 to avoid browser warnings.

This server accepts the RC4 cipher, which is weak. Grade capped to B.

It would be great if the module provided a best-practices configuration out of the box.

Attachments

Activity

People

Assignee:: Thomas Honey

Reporter:: Alejandro Córcoles

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2015/05/16 12:56 AM

Updated:: 2016/02/22 8:39 AM

Resolved:: 2016/02/22 8:39 AM

Zendesk Support