Page MenuHomePhabricator

Make sure that services available for NDA-only users are using strong TLS ciphersuites
Closed, ResolvedPublic

Description

I think that's a fair assumption that our NDA users should be using fairly recent and secure user agents that would allow them to use our strong ciphersuite configuration instead of the mid/compat ones.

Right now I've identified the following services that could be upgraded (probably this list needs to be extended):

Event Timeline

Vgutierrez created this task.
Vgutierrez moved this task from Triage to TLS on the Traffic board.

Change 492656 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] icinga: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492656

Change 492686 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] netbox: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492686

Change 492687 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] librenms: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492687

Change 492686 merged by Vgutierrez:
[operations/puppet@production] netbox: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492686

Change 492687 merged by Vgutierrez:
[operations/puppet@production] librenms: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492687

Change 492656 merged by Volans:
[operations/puppet@production] icinga: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492656

Vgutierrez claimed this task.