starlingx/config-files
Code Issues Proposed changes

Fix syntax for removing SHA1 ciphers in slapd

Browse Source 
This review will be fixing the syntax that is missing, from SHA to
SHA1.

Test Plan:
PASS: Run fresh install of AIO-SX and verify if it unlocks the
      the controller-0 with no issues.

Closes-Bug: 2054813

Change-Id: Id7e1978e42e4c0d560d9fe5fdaf034d79f865b0a
Signed-off-by: Karla Felix <karla.karolinenogueirafelix@windriver.com>
This commit is contained in:
Karla Felix 2024-03-13 10:47:37 -03:00
parent 6c0909286c
commit 6a7e681a11
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
openldap-config/source-debian/slapd.conf
View File

@ -26,9 +26,9 @@ serverID 001
# -VERS-TLS_ALL : Excludes all TLS versions. # -VERS-TLS_ALL : Excludes all TLS versions.
# +VERS-TLS1.2 - Includes only TLS1.2. # +VERS-TLS1.2 - Includes only TLS1.2.
# +VERS-TLS1.3 - Includes only TLS1.3. # +VERS-TLS1.3 - Includes only TLS1.3.
# -SHA - Excludes all SHA1 ciphers. # -SHA1 - Excludes all SHA1 ciphers.
TLSProtocolMin 3.3 TLSProtocolMin 3.3
TLSCipherSuite SECURE128:SECURE256:SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.3:-SHA TLSCipherSuite SECURE128:SECURE256:SECURE192:-VERS-TLS-ALL:+VERS-TLS1.2:+VERS-TLS1.3:-SHA1
# Load dynamic backend modules: # Load dynamic backend modules:
modulepath /usr/libexec/openldap modulepath /usr/libexec/openldap