New HTTPS settings in System Admin


(Lorne Gaetz) #1

Thanks to the recent efforts of @danardf, the current edge version of System Admin

sysadmin v15.0.21.20
sysadmin v14.0.39.12

has changes to the https setup page that allow an admin to selectively choose which Apache SSL protocols to enable disable. Via the GUI alone, you should have full control of the SSLProtocol line near the top of the generated file /etc/httpd/conf.d/ssl.conf

If you break things such that Apache won’t start, you can edit the above parameter back to:

SSLProtocol all -SSLv2 -SSLv3

and restart apache with

service httpd restart

I found a bug in the custom protocol feature, if you create a custom protocol that you can’t delete via the GUI, you can fix with this SQL query:

fwconsole m
delete from sysadmin_options where `key` like "cust_protocol";