From 7d1f286e571af299fa88881393876dc6fb494256 Mon Sep 17 00:00:00 2001
From: guido <guido@bruo.org>
Date: Mon, 22 Dec 2014 10:52:38 -0300
Subject: Adds a ssl_common.inc file to use inside vhosts for the SSL config
 (solves #5103)

Change-Id: I717bf7ca2c5679165a99370c4540f8b8dc1a48ea
---
 puppet/modules/site_apache/files/include.d/ssl_common.inc | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 puppet/modules/site_apache/files/include.d/ssl_common.inc

(limited to 'puppet/modules/site_apache/files/include.d')

diff --git a/puppet/modules/site_apache/files/include.d/ssl_common.inc b/puppet/modules/site_apache/files/include.d/ssl_common.inc
new file mode 100644
index 00000000..08b993cc
--- /dev/null
+++ b/puppet/modules/site_apache/files/include.d/ssl_common.inc
@@ -0,0 +1,7 @@
+SSLEngine on
+SSLProtocol all -SSLv2 -SSLv3
+SSLHonorCipherOrder on
+SSLCompression off
+SSLCipherSuite "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK"
+
+RequestHeader set X_FORWARDED_PROTO 'https'
\ No newline at end of file
-- 
cgit v1.2.3