Provide ssl cipher suite defaults

We don't want to depend on too many modules. The `$ssl_cipher_suite` parameter is the only dependency to the `cert` module and I think it's ok to remove this dependency. It's now a hardcoded default taken from the puppetlabs apache module (https://github.com/puppetlabs/puppetlabs-apache/blob/master/README.md#ssl_cipher) Ppl who use the cert class will know how to pass the parameter. See https://gitlab.com/shared-puppet-modules-group/apache/issues/9 for the discussion.
author: varac <varacanero@zeromail.org> 2016-02-25 14:55:55 +0100
committer: varac <varacanero@zeromail.org> 2016-02-25 15:04:31 +0100
commit: cb76fabaf1cefcfb58cc12a29afc7ba252913201 (patch)
tree: 4782c6800397cdf998fda825822f1f7bccb6cfca
parent: d355d8d0938062339e51d0b534c09b18315c5447 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/manifests/init.pp b/manifests/init.pp
index 1079d85..ad1478a 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -22,7 +22,7 @@ class apache(
   $default_ssl_certificate_file       = absent,
   $default_ssl_certificate_key_file   = absent,
   $default_ssl_certificate_chain_file = absent,
-  $ssl_cipher_suite                   = $certs::ssl_config::ciphers_http
+  $ssl_cipher_suite                   = 'HIGH:MEDIUM:!aNULL:!MD5'
 ) {
   case $::operatingsystem {
     centos: { include apache::centos }
author	varac <varacanero@zeromail.org>	2016-02-25 14:55:55 +0100
committer	varac <varacanero@zeromail.org>	2016-02-25 15:04:31 +0100
commit	cb76fabaf1cefcfb58cc12a29afc7ba252913201 (patch)
tree	4782c6800397cdf998fda825822f1f7bccb6cfca
parent	d355d8d0938062339e51d0b534c09b18315c5447 (diff)