Reviewed: https://review.openstack.org/143430 Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=b11236a6e25585c49c6bdf7d15eb17542bca0c88 Submitter: Jenkins Branch: master commit b11236a6e25585c49c6bdf7d15eb17542bca0c88 Author: Jesse Pretorius <jesse.pretorius at rackspace.co.uk> Date: Mon Dec 22 12:01:14 2014 +0000 Improve Apache SSL configuration This patch implements changes in the SSL configuration to ensure that Horizon is not vulnerable to common SSL and TLS attack vectors. Change-Id: I2e24ea3b99c7caadfbc8992ac78648cfdc6c301d Closes-Bug: #1404862 ** Changed in: openstack-ansible Status: In Progress => Fix Committed -- You received this bug notification because you are a member of OpenStack Security Group, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1404862 Title: Horizon SSL configuration vulnerable Status in Ansible playbooks for deploying OpenStack: Fix Committed Bug description: Currently the Apache configuration for Horizon is very simple and therefore vulnerable to various forms of SSL and TLS attack vectors. The Qualys SSL test on the default setup results in a C grading. In order to ensure that best practices are implemented and anyone using os-ansible-deployment has a secure by default setup, this needs to be addressed. To manage notifications about this bug go to: https://bugs.launchpad.net/openstack-ansible/+bug/1404862/+subscriptions