Certificate System now supports setting SSL ciphers for individual installation
Previously, if an existing Certificate Server had customized cipher set that did not overlap with the default ciphers used during the installation, a new instance could not be installed to work with existing instances. With this update, Certificate System enables you to customize the SSL cipher using a two-step installation, which avoids this problem. To set the ciphers during a Certificate System instance installation:
1. Prepare a deployment configuration file that includes the "pki_skip_configuration=True" option.
2. Pass the deployment configuration file to the "pkispawn" command to start the initial part of the installation.
3. Set the ciphers in the "sslRangeCiphers" option in the `/var/lib/pki/<instance>/conf/server.xml` file.
4. Replace the "pki_skip_configuration=True" option with "pki_skip_installation=True" in the deployment configuration file.
5. Run the same "pkispawn" command to complete the installation.