[CentOS] easy way to stop old ssl's
Markus Falb
markus.falb at fasel.atSat Oct 12 10:06:12 UTC 2019
- Previous message: [CentOS] easy way to stop old ssl's
- Next message: [CentOS] easy way to stop old ssl's
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 11.10.19 22:40, Warren Young wrote: > On Oct 11, 2019, at 12:12 PM, Jerry Geis <jerry.geis at gmail.com> wrote: >> >> is there a script that is available that can be ran to bring >> a box up to current "accepted" levels ? > > I don’t know why you’d use a script for this at all. Just ship a new HTTPS configuration to each server. Apache loads all *.conf files in its configuration directory, so you might be able to just add another file to the existing config set. If not, then replace the existing config file instead. Instead of configuring every application separataly it would be nice if "accepted levels of security" could be set system wide. With 8 it seems there is such a thing https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/security_hardening/using-the-system-wide-cryptographic-policies_security-hardening Although I believe that FIPS mode is also available in 7 I did not used neither system wide cryptographic policies nor FIPS mode so my post is more the theoretical one, but I thought it is on topic. -- Kind Regards, Markus Falb
- Previous message: [CentOS] easy way to stop old ssl's
- Next message: [CentOS] easy way to stop old ssl's
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list