External-Mirrors/awx
2
0
Fork 0
mirror of https://github.com/ansible/awx.git synced 2026-05-06 08:57:35 -02:30
Code Issues Packages Projects Releases Wiki Activity

Allow TLS 1.2 for Receptor connections

Browse Source 
- Required for FIPS environment where TLS 1.3 is
not supported
- TLS 1.3 can still be used if the nodes
both agree to use during handshake.
This commit is contained in:
Seth Foster
2023-03-27 11:07:30 -04:00
parent bf98f62654
commit db2253601d
2 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
awx/api/templates/instance_install_bundle/group_vars/all.yml
View File

@@ -2,6 +2,7 @@ receptor_user: awx
receptor_group: awx receptor_group: awx
receptor_verify: true receptor_verify: true
receptor_tls: true receptor_tls: true
receptor_mintls13: false
receptor_work_commands: receptor_work_commands:
ansible-runner: ansible-runner:
command: ansible-runner command: ansible-runner

1
awx/main/tasks/receptor.py
View File

@@ -668,6 +668,7 @@ RECEPTOR_CONFIG_STARTER = (
'rootcas': '/etc/receptor/tls/ca/receptor-ca.crt', 'rootcas': '/etc/receptor/tls/ca/receptor-ca.crt',
'cert': '/etc/receptor/tls/receptor.crt', 'cert': '/etc/receptor/tls/receptor.crt',
'key': '/etc/receptor/tls/receptor.key', 'key': '/etc/receptor/tls/receptor.key',
'mintls13': False,
} }
}, },
) )