Description of problem:
Currently, it is possible to configure TLS ciphers and other options used by pcsd in /etc/sysconfig/pcsd. There is a default value hardcoded in pcsd source. RHEL (and Fedora) provides a system-wide crypto policies framework, which allows to configure TLS settings in one place for the entire OS and all applications. This has a benefit of easy management, when disabling a weak cipher can be done in a single place. Pcsd should connect to this framework.


Version-Release number of selected component (if applicable):
pcs-0.11.7


How reproducible:
always, easily


Steps to Reproduce:
1. update-crypto-policies --set DEFAULT
2. nmap -p 2224 {pcsd node} --script +ssl-enum-ciphers
3. update-crypto-policies --set FIPS
4. nmap -p 2224 {pcsd node} --script +ssl-enum-ciphers


Actual results:
TLS ciphers used by pcsd do not depend on the current crypto policy


Expected results:
TLS ciphers used by pcsd are set by the current crypto policy


Additional info:
nmap-7.91-12.el9 doesn't show TLSv1.3, use nmap-7.93-2.fc38


Proposed solution:
Make 'PROFILE=SYSTEM' the default for PCSD_SSL_CIPHERS