[ClusterLabs] Corosync-Qdevice SSL Ciphers

Jan Friesse jfriesse at redhat.com
Wed Jan 22 09:19:08 EST 2020


Hi,

> Hi ,
> 
> In case the nss.config is not configured, what will be the ciphers used.

nss.config (if exists) contains list of allowed ciphers. Otherwise it 
really depends on NSS version and what options were used during compilation.

Regards,
   Honza

> 
> 
> 
> With Regards
> Somanath Thilak J
> 
> -----Original Message-----
> From: Jan Friesse <jfriesse at redhat.com>
> Sent: Wednesday, January 22, 2020 13:45
> To: Cluster Labs - All topics related to open-source clustering welcomed <users at clusterlabs.org>; Somanath Jeeva <somanath.jeeva at ericsson.com>
> Subject: Re: [ClusterLabs] Corosync-Qdevice SSL Ciphers
> 
> Somanath,
> 
>> Hi ,
>>
>> Is there a way to find/restrict the list of ciphers used by corosync-qnetd similar to the PCSD_SSL_CIPHERS variable in /etc/sysconfig/pcsd configuration file.
> 
> Nope. But qnetd is using NSS so it is possible to change the system policy in /etc/crypto-policies/back-ends/nss.config and qnetd will use these settings.
> 
> Regards,
>     Honza
> 
> 
>>
>>
>> With Regards
>> Somanath Thilak J
>>
>>
>>
>>
>> _______________________________________________
>> Manage your subscription:
>> https://protect2.fireeye.com/v1/url?k=541c38c8-0896edde-541c7853-862f1
>> 4a9365e-d4cfaa0b3e0660da&q=1&e=4a1cd511-8c19-49cb-a44c-4d34eba19a5c&u=
>> https%3A%2F%2Flists.clusterlabs.org%2Fmailman%2Flistinfo%2Fusers
>>
>> ClusterLabs home:
>> https://protect2.fireeye.com/v1/url?k=ef5b5666-b3d18370-ef5b16fd-862f1
>> 4a9365e-6de4900a36a26f81&q=1&e=4a1cd511-8c19-49cb-a44c-4d34eba19a5c&u=
>> https%3A%2F%2Fwww.clusterlabs.org%2F
>>
> 



More information about the Users mailing list