Allow to configure advanced SSL options for Apache
This patch allows to configure advanced ssl options like:
- SSLProtocol
- SSLCipherSuite
- SSLUseStapling
- SSLOpenSSLConfCmd DHParameters
- SSLOpenSSLConfCmd Curves
... and others
The whole list of options may be found in README and in following files:
apache/files/_ssl.conf
apache/files/_ssl_proxy.conf
apache/files/_ssl_stapling.conf
apache/files/httpd_ssl.conf
Please note that some parameters could be set only on server level
while the most of parameters are set on site level
Parameters` description:
https://httpd.apache.org/docs/2.4/mod/mod_ssl.html
The 'mode' trigger is deprecated and will be removed in future together
with _ssl_normal.conf and _ssl_secure.conf. All options should be
set from reclass directly.
The following options changed theirs types (for backward compatibility
new type will be applied only when mode is set to != secure)
SSLCipherSuite, SSLOpenSSLConfCmd Curves - was string, become list
Please read README for more details
Change-Id: I78aefd51b62d80eef57bfba6f9c1e40be86f519f
Related-PROD: PROD-19153
diff --git a/.kitchen.yml b/.kitchen.yml
index b2395a4..b479c60 100644
--- a/.kitchen.yml
+++ b/.kitchen.yml
@@ -47,4 +47,9 @@
pillars-from-files:
apache.sls: tests/pillar/apache_server_php7.sls
+ - name: apache_server_php7_ssl
+ provisioner:
+ pillars-from-files:
+ apache.sls: tests/pillar/apache_server_php7_ssl.sls
+
# vim: ft=yaml sw=2 ts=2 sts=2 tw=125