Koha-community/Koha
15
7
Fork 0
Code Issues Releases Wiki Activity

Bug 34193: SSLProtocol enable in use versions and disable deprecated versions

Browse source 
This patch changes the default SSLProtocol for the Let's Encrypt
HTTPS template, so that it enables in use versions of TLS while
disabling the deprecated versions of TLS.

Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Tomas Cohen Arazi <tomascohen@theke.io>
This commit is contained in:
David Cook 2023-07-03 23:52:53 +00:00 committed by Tomas Cohen Arazi
parent 13d3e87503
commit 58893f4c0b
Signed by: tomascohen
GPG key ID: 0A272EA1B2F3C15F
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
debian/templates/apache-site-https.conf.in vendored
View file

@ -12,7 +12,7 @@
# OPAC
<VirtualHost *:80> #https
# SSLEngine on
# SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
# SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
# SSLCompression off
# SSLHonorCipherOrder on
# SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-SA-
@ -39,7 +39,7 @@
# Intranet
<VirtualHost *:80> #https
# SSLEngine on
# SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
# SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
# SSLCompression off
# SSLHonorCipherOrder on
# SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES