Bug 1327764
Summary: | Satellite 6 Modified the SSLCipherSuite to be: SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4+RSA:+HIGH:!MEDIUM:!LOW | ||
---|---|---|---|
Product: | Red Hat Satellite | Reporter: | Fotios Tsiadimos <ftsiadim> |
Component: | Security | Assignee: | satellite6-bugs <satellite6-bugs> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Katello QA List <katello-qa-list> |
Severity: | urgent | Docs Contact: | |
Priority: | urgent | ||
Version: | 6.1.5 | CC: | abalakht, bkearney, dlobatog, ftsiadim, kseifried, mmccune, shughes, stbenjam, wburrows, xdmoon |
Target Milestone: | Unspecified | ||
Target Release: | Unused | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2017-08-14 18:18:24 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Fotios Tsiadimos
2016-04-15 21:35:42 UTC
I would suggest using this: https://mozilla.github.io/server-side-tls/ssl-config-generator/ and choosing Intermediate (compatible back to Java 7) or Modern (only compatible back to Java 8) ideally. Satellite 6.3 has the following
> SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
> SSLProtocol all -SSLv2 -SSLv3
Which should be acceptable. Closing this out as "NEXTRELEASE" for inclusion with 6.3
|