Adds a ssl_common.inc file to use inside vhosts for the SSL config (solves #5103)

Change-Id: I717bf7ca2c5679165a99370c4540f8b8dc1a48ea
author: guido <guido@bruo.org> 2014-12-22 10:52:38 -0300
committer: guido <guido@bruo.org> 2014-12-22 10:52:38 -0300
commit: 7d1f286e571af299fa88881393876dc6fb494256 (patch)
tree: 7404c2c6d908698f6339af46abdca3c953960312 /puppet/modules/site_apache/files
parent: 50424b752f844305494686afbb1c73995ebfaf39 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/puppet/modules/site_apache/files/include.d/ssl_common.inc b/puppet/modules/site_apache/files/include.d/ssl_common.inc
new file mode 100644
index 00000000..08b993cc
--- /dev/null
+++ b/puppet/modules/site_apache/files/include.d/ssl_common.inc
@@ -0,0 +1,7 @@
+SSLEngine on
+SSLProtocol all -SSLv2 -SSLv3
+SSLHonorCipherOrder on
+SSLCompression off
+SSLCipherSuite "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK"
+
+RequestHeader set X_FORWARDED_PROTO 'https'
+\ No newline at end of file
author	guido <guido@bruo.org>	2014-12-22 10:52:38 -0300
committer	guido <guido@bruo.org>	2014-12-22 10:52:38 -0300
commit	7d1f286e571af299fa88881393876dc6fb494256 (patch)
tree	7404c2c6d908698f6339af46abdca3c953960312 /puppet/modules/site_apache/files
parent	50424b752f844305494686afbb1c73995ebfaf39 (diff)