diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-08-28 20:09:54 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-08-28 20:44:13 +0200 |
commit | 067a4c2ce844c0bc48f662e336bd2bc4528b34f3 (patch) | |
tree | 88f83bc06880edbea4742504454117d2660be327 /chaos-at-home/ch-http-proxy.yml | |
parent | ch-http-proxy: simple forwards are done (diff) |
http|imap-proxy: fix tls encryption to backend (allow TLS1.0)
Diffstat (limited to 'chaos-at-home/ch-http-proxy.yml')
-rw-r--r-- | chaos-at-home/ch-http-proxy.yml | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/chaos-at-home/ch-http-proxy.yml b/chaos-at-home/ch-http-proxy.yml index cac572c1..9a80a446 100644 --- a/chaos-at-home/ch-http-proxy.yml +++ b/chaos-at-home/ch-http-proxy.yml @@ -54,7 +54,13 @@ } } - # post_tasks: + post_tasks: + - name: lower minimum tls protocol version to 1.0 + lineinfile: + path: /etc/ssl/openssl.cnf + regexp: '^MinProtocol\s*=' + line: 'MinProtocol = TLSv1.0' + # - name: install systemd service unit for service-ip # copy: # dest: /etc/systemd/system/http-service-ip.service |