Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The previous list of ciphers was allowing weak algorithms. The fix removes: - kECDH: cipher suites using fixed ECDH key agreement signed by CAs with RSA and ECDSA keys or either respectively. - kDH: cipher suites using DH key agreement and DH certificates signed by CAs with RSA and DSS keys or either respectively. Fixes: https://pagure.io/freeipa/issue/8000 Reviewed-By: Christian Heimes <cheimes@redhat.com>
- Loading branch information