certmaster/SSLCommon.py

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

 certmaster/SSLCommon.py |    1 +
 1 file changed, 1 insertion(+)

New commits:
commit 0067200776b0b647778fdb877db83927ab048de4
Author: Greg Swift <gregswift@xxxxxxxxx>
Date:   Wed Apr 13 22:01:48 2011 -0500

    Added setting of ciphersuite with only high and better SSLv3 certs.  This should keep nessus and its ilk quiet as we only use 2048bit encryption anyways.

diff --git a/certmaster/SSLCommon.py b/certmaster/SSLCommon.py
index 5672a7f..c3e76c2 100644
--- a/certmaster/SSLCommon.py
+++ b/certmaster/SSLCommon.py
@@ -39,6 +39,7 @@ def CreateSSLContext(pkey, cert, ca_cert, passwd_callback=None):
     if passwd_callback:
         ctx.set_passwd_cb = passwd_callback
 
+    ctx.set_cipher_list('ALL:!aNULL:!ADH:!eNULL:!LOW:!MEDIUM:!EXP:RC4+RSA:+HIGH')
     ctx.use_certificate_file(cert)
     ctx.use_privatekey_file(pkey)
     ctx.load_client_ca(ca_cert)


_______________________________________________
Func-list mailing list
Func-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/func-list
[Index of Archives]     [Fedora Users]     [Linux Networking]     [Fedora Legacy List]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux