certmaster/SSLCommon.py | 1 + 1 file changed, 1 insertion(+) New commits: commit 0067200776b0b647778fdb877db83927ab048de4 Author: Greg Swift <gregswift@xxxxxxxxx> Date: Wed Apr 13 22:01:48 2011 -0500 Added setting of ciphersuite with only high and better SSLv3 certs. This should keep nessus and its ilk quiet as we only use 2048bit encryption anyways. diff --git a/certmaster/SSLCommon.py b/certmaster/SSLCommon.py index 5672a7f..c3e76c2 100644 --- a/certmaster/SSLCommon.py +++ b/certmaster/SSLCommon.py @@ -39,6 +39,7 @@ def CreateSSLContext(pkey, cert, ca_cert, passwd_callback=None): if passwd_callback: ctx.set_passwd_cb = passwd_callback + ctx.set_cipher_list('ALL:!aNULL:!ADH:!eNULL:!LOW:!MEDIUM:!EXP:RC4+RSA:+HIGH') ctx.use_certificate_file(cert) ctx.use_privatekey_file(pkey) ctx.load_client_ca(ca_cert) _______________________________________________ Func-list mailing list Func-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/func-list