Add SSL Protocol and Cipher config to default vhost Let's follow best practice and disable weak ciphers and protocols. Change-Id: I4f5075f3e23deebd93da2be8a6609c5e195924e5

commit: a22ebefc027cf96d5ece6823735b6630c13e2d1d [log] [tgz]
author: Andreas Jaeger <aj@suse.com> Tue Mar 01 15:08:19 2016 +0100
committer: Andreas Jaeger <aj@suse.com> Tue Mar 01 15:08:19 2016 +0100
tree: 55b30796248f80ce3f7e4fbfe3226d50db0448a8
parent: aa77c29ad5206e799f5d046fba6f5a0c7ddbe745 [diff]
diff --git a/horizon/files/openstack-dashboard.conf.RedHat b/horizon/files/openstack-dashboard.conf.RedHat
index 2a59194..1742bde 100644
--- a/horizon/files/openstack-dashboard.conf.RedHat
+++ b/horizon/files/openstack-dashboard.conf.RedHat

@@ -76,6 +76,8 @@
   ServerName {{ server.host.name }}
 
   SSLEngine On
+  SSLProtocol +TLSv1 +TLSv1.1 +TLSv1.2
+  SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!EXP:!LOW:!MEDIUM
   SSLCertificateFile {{ server.certs_dir }}/{{ server.host.name }}.crt
   SSLCertificateKeyFile {{ server.private_dir }}/{{ server.host.name }}.key
   SSLCertificateChainFile {{ server.certs_dir }}/{{ server.ssl.authority }}-chain.crt
commit	a22ebefc027cf96d5ece6823735b6630c13e2d1d	[log] [tgz]
author	Andreas Jaeger <aj@suse.com>	Tue Mar 01 15:08:19 2016 +0100
committer	Andreas Jaeger <aj@suse.com>	Tue Mar 01 15:08:19 2016 +0100
tree	55b30796248f80ce3f7e4fbfe3226d50db0448a8
parent	aa77c29ad5206e799f5d046fba6f5a0c7ddbe745 [diff]