jonathan/infra
1
0
Fork 0
Code Actions Activity

bump tls version, enforce strong ciphers

Browse Source
This commit is contained in:
Jonathan DeMasi
2026-01-23 19:32:09 -07:00
parent 2b1a5ee3f9
commit 820b458037
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ansible/roles/openldap_server/tasks/tls.yaml
View File

@@ -5,6 +5,8 @@
attributes: attributes:
olcTLSCertificateFile: "{{ ldap_cert_path }}" olcTLSCertificateFile: "{{ ldap_cert_path }}"
olcTLSCertificateKeyFile: "{{ ldap_key_path }}" olcTLSCertificateKeyFile: "{{ ldap_key_path }}"
olcTLSProtocolMin: "3.3" # TLS 1.2+
olcTLSCipherSuite: HIGH:!aNULL:!MD5
args: args:
server_uri: ldapi:/// server_uri: ldapi:///
sasl_mech: EXTERNAL sasl_mech: EXTERNAL