Reviewed: https://review.openstack.org/147134 Committed: https://git.openstack.org/cgit/stackforge/os-ansible-deployment/commit/?id=7372aa204fb0cfadb081c74e03b05149127a7836 Submitter: Jenkins Branch: icehouse commit 7372aa204fb0cfadb081c74e03b05149127a7836 Author: Jesse Pretorius <jesse.pretorius at rackspace.co.uk> Date: Mon Dec 22 12:01:14 2014 +0000 Improve Apache SSL configuration This patch implements changes in the SSL configuration to ensure that Horizon is not vulnerable to common SSL and TLS attack vectors. Change-Id: I2e24ea3b99c7caadfbc8992ac78648cfdc6c301d Closes-Bug: #1404862 (cherry picked from commit b11236a6e25585c49c6bdf7d15eb17542bca0c88) -- You received this bug notification because you are a member of OpenStack Security Group, which is subscribed to OpenStack. https://bugs.launchpad.net/bugs/1404862 Title: Horizon SSL configuration vulnerable Status in Ansible playbooks for deploying OpenStack: Fix Committed Status in openstack-ansible icehouse series: In Progress Status in openstack-ansible juno series: In Progress Bug description: Currently the Apache configuration for Horizon is very simple and therefore vulnerable to various forms of SSL and TLS attack vectors. The Qualys SSL test on the default setup results in a C grading. In order to ensure that best practices are implemented and anyone using os-ansible-deployment has a secure by default setup, this needs to be addressed. To manage notifications about this bug go to: https://bugs.launchpad.net/openstack-ansible/+bug/1404862/+subscriptions