From: Silvio Rhatto <rhatto@riseup.net>
Date: Thu, 23 Oct 2014 18:25:59 +0000 (-0200)
Subject: Disabling SSLv3
X-Git-Url: https://gitweb.fluxo.info/?a=commitdiff_plain;h=8276c5e947953786945de7c6dbd2898e962cf402;p=puppet-puppet.git

Disabling SSLv3
---

diff --git a/templates/passenger.erb b/templates/passenger.erb
index 364eca1..9bda8df 100644
--- a/templates/passenger.erb
+++ b/templates/passenger.erb
@@ -11,7 +11,7 @@ Listen <%= listen %>
 
 <VirtualHost *:<%= listen %>>
         SSLEngine on
-        SSLProtocol -ALL +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
+        SSLProtocol -ALL -SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
         SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:!RC4:HIGH:!MD5:!aNULL:!EDH
 
         SSLCertificateFile      /var/lib/puppetmaster/ssl/certs/<%= certname %>.pem