diff options
author | varac <varacanero@zeromail.org> | 2016-02-25 14:55:55 +0100 |
---|---|---|
committer | varac <varacanero@zeromail.org> | 2016-02-25 15:04:31 +0100 |
commit | cb76fabaf1cefcfb58cc12a29afc7ba252913201 (patch) | |
tree | 4782c6800397cdf998fda825822f1f7bccb6cfca | |
parent | d355d8d0938062339e51d0b534c09b18315c5447 (diff) |
Provide ssl cipher suite defaults
We don't want to depend on too many modules.
The `$ssl_cipher_suite` parameter is the only
dependency to the `cert` module and I think it's
ok to remove this dependency. It's now a hardcoded
default taken from the puppetlabs apache module
(https://github.com/puppetlabs/puppetlabs-apache/blob/master/README.md#ssl_cipher)
Ppl who use the cert class will know how to pass the parameter.
See https://gitlab.com/shared-puppet-modules-group/apache/issues/9
for the discussion.
-rw-r--r-- | manifests/init.pp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/manifests/init.pp b/manifests/init.pp index 1079d85..ad1478a 100644 --- a/manifests/init.pp +++ b/manifests/init.pp @@ -22,7 +22,7 @@ class apache( $default_ssl_certificate_file = absent, $default_ssl_certificate_key_file = absent, $default_ssl_certificate_chain_file = absent, - $ssl_cipher_suite = $certs::ssl_config::ciphers_http + $ssl_cipher_suite = 'HIGH:MEDIUM:!aNULL:!MD5' ) { case $::operatingsystem { centos: { include apache::centos } |