majic-ansible-roles Changeset

Changeset - 3e20da821a68

Parent rev.

Child rev.

[Not reviewed]

0 1 0

Branko Majic (branko) - 3 months ago 2024-02-10 22:10:55
branko@majic.rs

MAR-191: Update reference to Debian Buster - same warning still applicable under Bullseye and upwards.

1 file changed with 3 insertions and 3 deletions:

docs/rolereference.rst

0 comments (0 inline, 0 general)

docs/rolereference.rst

➞

Show inline comments

@@ @@ -784,15 +784,15 @@ Parameters @@
   Minimum *Security Strength Factor* to require from all incoming
   connections. This applies for both remote and local connections.
 **ldap_tls_ciphers** (string, optional ``NONE:+VERS-TLS1.2:+CTYPE-X509:+COMP-NULL:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:+DHE-RSA:+ECDHE-RSA:+SHA256:+SHA384:+SHA512:+AEAD:+AES-128-GCM:+AES-256-GCM:+CHACHA20-POLY1305:+CURVE-ALL``)
   .. warning::
      Under Debian Buster, slapd will not use the DH parameters
      generated by the role, but will instead use them to pick one of
      the recommended DH parameters from `RFC-7919
      Under Debian Bullseye and upwards, slapd will not use the DH
      parameters generated by the role, but will instead use them to
      pick one of the recommended DH parameters from `RFC-7919
      <https://www.ietf.org/rfc/rfc7919.txt>`_. This is based on the
      size of role-generated parameters.
   TLS ciphers to enable on the LDAP server. This should be a GnuTLS-compatible
   cipher specification that should also include what TLS protocol versions
   should be used. Value should be compatible with OpenLDAP server option

0 comments (0 inline, 0 general)