Page MenuHomePhabricator
Create Task
Maniphest T217002

Make sure that services available for NDA-only users are using strong TLS ciphersuites
Closed, ResolvedPublic
Actions

Description

I think that's a fair assumption that our NDA users should be using fairly recent and secure user agents that would allow them to use our strong ciphersuite configuration instead of the mid/compat ones.

Right now I've identified the following services that could be upgraded (probably this list needs to be extended):

Details

SubjectRepoBranchLines +/-
icinga: Make use of the strong TLS ciphersuites configurationoperations/puppetproduction+1 -1
librenms: Make use of the strong TLS ciphersuites configurationoperations/puppetproduction+1 -1
netbox: Make use of the strong TLS ciphersuites configurationoperations/puppetproduction+1 -1
Customize query in gerrit

Related Objects
Search...

Event Timeline

Vgutierrez triaged this task as Medium priority.Feb 25 2019, 10:35 AM
Vgutierrez created this task.
Vgutierrez moved this task from Backlog to TLS on the Traffic board.
gerritbot subscribed.Feb 25 2019, 12:13 PM

Change 492656 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] icinga: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492656

gerritbot added a project: Patch-For-Review.Feb 25 2019, 12:13 PM
gerritbot added a comment.Feb 25 2019, 3:06 PM

Change 492686 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] netbox: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492686

gerritbot added a comment.Feb 25 2019, 3:06 PM

Change 492687 had a related patch set uploaded (by Vgutierrez; owner: Vgutierrez):
[operations/puppet@production] librenms: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492687

Vgutierrez updated the task description. (Show Details)Feb 25 2019, 3:08 PM
Vgutierrez added subscribers: Volans, ayounsi.
gerritbot added a comment.Feb 25 2019, 4:48 PM

Change 492686 merged by Vgutierrez:
[operations/puppet@production] netbox: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492686

gerritbot added a comment.Feb 25 2019, 4:52 PM

Change 492687 merged by Vgutierrez:
[operations/puppet@production] librenms: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492687

Vgutierrez updated the task description. (Show Details)Feb 25 2019, 4:54 PM
gerritbot added a comment.Feb 27 2019, 1:47 PM

Change 492656 merged by Volans:
[operations/puppet@production] icinga: Make use of the strong TLS ciphersuites configuration

https://gerrit.wikimedia.org/r/492656

Vgutierrez removed a project: Patch-For-Review.Feb 27 2019, 3:31 PM
Vgutierrez updated the task description. (Show Details)
Vgutierrez closed this task as Resolved.Apr 8 2019, 2:00 PM
Vgutierrez claimed this task.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL