[Bug 1158152] New: provide ssl profiles by defaults
http://bugzilla.suse.com/show_bug.cgi?id=1158152 Bug ID: 1158152 Summary: provide ssl profiles by defaults Classification: openSUSE Product: openSUSE Tumbleweed Version: Current Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Apache Assignee: bnc-team-apache@forge.provo.novell.com Reporter: lnussel@suse.com QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- On the openSUSE heroes list I learned about https://ssl-config.mozilla.org/ How about shipping those settings in config files already so the admin can choose without editing configs? -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1158152 Petr Gajdos <pgajdos@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |pgajdos@suse.com Assignee|bnc-team-apache@forge.provo |pgajdos@suse.com |.novell.com | -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1158152 http://bugzilla.suse.com/show_bug.cgi?id=1158152#c1 Petr Gajdos <pgajdos@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |lnussel@suse.com Flags| |needinfo?(lnussel@suse.com) --- Comment #1 from Petr Gajdos <pgajdos@suse.com> --- I went trough these settings there and I wonder what should be added/removed/amended in current apache2-ssl-global.conf and apache2-vhost-ssl.template and why? Or you would like to ship the file verbatim in, say, /etc/apache2/vhosts.d/mozilla.template? Note. If my memory serves good, it was you, who have outsourced global settings apache2-ssl-global.conf, so you are familiar with, hence question: wouldn't be confusing when some global options would be in /etc/apache2/vhosts.d/mozilla.template? But anyway, even this configuration file has to edited. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1158152 http://bugzilla.suse.com/show_bug.cgi?id=1158152#c2 --- Comment #2 from Petr Gajdos <pgajdos@suse.com> --- * be edited. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1158152 http://bugzilla.suse.com/show_bug.cgi?id=1158152#c3 Ludwig Nussel <lnussel@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Flags|needinfo?(lnussel@suse.com) | --- Comment #3 from Ludwig Nussel <lnussel@suse.com> --- not as template, was thinking along the lines of eg update-alternatives to source a file from ssl-global with the cipher settings -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.suse.com/show_bug.cgi?id=1158152 http://bugzilla.suse.com/show_bug.cgi?id=1158152#c4 --- Comment #4 from Petr Gajdos <pgajdos@suse.com> --- update-alternatives? I do not understand much, sorry. As I said, you have to go to the configuration file. There are following possibilities three possibilities already: 1. configure httpd just by editing configuration files and run it by 'httpd' 2. configure it via sysconfig and/or 3. via yast2-httpd and run it via start_apache2/systemd service. I do not think that to add another way to configure it is a good idea. Perhaps simplifying yast2-httpd to provide something like profiles would be the way to go; if I recall correctly there was a google summer entry for this, not sure how far that had gone. I have not talked about it with Josef Reidinger for a long time now. -- You are receiving this mail because: You are on the CC list for the bug.
https://bugzilla.suse.com/show_bug.cgi?id=1158152 https://bugzilla.suse.com/show_bug.cgi?id=1158152#c5 Petr Gajdos <pgajdos@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|pgajdos@suse.com |david.anes@suse.com --- Comment #5 from Petr Gajdos <pgajdos@suse.com> --- Reassign to current maintainer. As said in comment 4, I had not understood the task. -- You are receiving this mail because: You are on the CC list for the bug.
participants (2)
-
bugzilla_noreply@novell.com -
bugzilla_noreply@suse.com