pfizer update ssl cipher

author Andreas Gerstenberg <gerstenberg@pixelpark.com>

Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)

committer Andreas Gerstenberg <gerstenberg@pixelpark.com>

Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)
author Andreas Gerstenberg <gerstenberg@pixelpark.com>
Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)
committer Andreas Gerstenberg <gerstenberg@pixelpark.com>
Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)
diff --git a/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml b/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml

index 9a87d8bf3a7cafb225287744a2fe3cd41a1952c8..fcf57c331c48cad9ce45bc3adde12f47082b9147 100644 (file)
--- a/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml
+++ b/customer/pfizer/web01-pfizer-de.pixelpark.net.yaml
@@ -6,6 +6,8 @@ infra::additional_classes:
    - infra::profile::mysql_server
    - apache::mod::remoteip
  
+apache::mod::ssl::ssl_cipher: 'EECDH+AES:EDH+AES:!SHA1:!aNULL@STRENGTH'
+
  apache::default_vhost: false
  
  # TODO: Abwarten auf Ticket: https://jira.pixelpark.com/jira/browse/PPPUPPET-202
@@ -85,8 +87,6 @@ infra::profile::drupal::projects:
      ssl_cert: /etc/pki/tls/certs/www.pfizer.de-cert.pem
      ssl_chain: /etc/pki/tls/certs/www.pfizer.de-cert.pem
      ssl_key: /etc/pki/tls/private/www.pfizer.de-key.pem
-    ssl_ciphers: 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'
-    ssl_protocols: 'TLSv1.2'
      # SetEnvIf User-Agent         ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
      php_admin_value:
        memory_limit: 512M
author	Andreas Gerstenberg <gerstenberg@pixelpark.com>
	Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)
committer	Andreas Gerstenberg <gerstenberg@pixelpark.com>
	Fri, 10 Aug 2018 10:08:26 +0000 (12:08 +0200)