Related to #7667, IPA should use the system-wide default settings for TLS ciphers. In the past IPA had to override the default settings because OpenSSL configured weak ciphers. This has changed with OpenSSL 1.0.2 and newer. The new defaults are safe.
On Fedora and RHEL 8, the default cipher suites are configured by the system-wide crypto policy. Currently only the Fedora platform uses the system-wide settings with additional modifications. On RHEL, the system-wide policy is ignored.
master:
Metadata Update from @cheimes: - Issue close_status updated to: fixed - Issue status updated to: Closed (was: Open)
Log in to comment on this ticket.