Files @ 8d272d91d3d2

Location: majic-ansible-roles/roles/ldap_server/molecule/default/group_vars/parameters-mandatory.yml

branko
MAR-165: Deploy Diffie-Hellman parameters for LDAP server in the ldap_server role:

- Not relevant for Debian Stretch because of a bug in the OpenLDAP
  version it ships with.
- This should allow use of DHE ciphers with LDAP server.
- Generated DH parameters only help pick one of the parameters from
  RFC-7919 (based on the size of generated ones).
- Make the cipher test lists distro-specific due to differences
  between supported algorithms in respective GnuTLS versions.
---

ldap_admin_password: adminpassword

ldap_server_domain: "local"

ldap_server_tls_certificate: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.cert.pem') }}"
ldap_server_tls_key: "{{ lookup('file', 'tests/data/x509/server/{{ inventory_hostname }}_ldap.key.pem') }}"

# ldap_client
ldap_client_config:
  - comment: CA truststore
    option: TLS_CACERT
    value: /etc/ssl/certs/testca.cert.pem
  - comment: Ensure TLS is enforced
    option: TLS_REQCERT
    value: demand