Re #80, sets SECLEVEL=1 in openssl.conf to allow monitoring sites with weak/old cipher suites (#312)

* set SECLEVEL=1 in openssl.conf to allow monitoring sites with weak/old cipher suites * Re #80, sets SECLEVEL=1 in openssl.conf to allow monitoring sites with weak/old cipher suites
2 years ago · 2857c7bb77
parent df951637c4
commit 2857c7bb77
1 changed files with 3 additions and 0 deletions
--- a/3
+++ b/3
@ -42,6 +42,9 @@ ENV PYTHONUNBUFFERED=1

 RUN [ ! -d "/datastore" ] && mkdir /datastore

+# Re #80, sets SECLEVEL=1 in openssl.conf to allow monitoring sites with weak/old cipher suites
+RUN sed -i 's/^CipherString = .*/CipherString = DEFAULT@SECLEVEL=1/' /etc/ssl/openssl.cnf
+
 # Copy modules over to the final image and add their dir to PYTHONPATH
 COPY --from=builder /dependencies /usr/local
 ENV PYTHONPATH=/usr/local