SSL.conf is being Overwritten

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
spencer4hire999
New Forum User
New Forum User
Posts: 1
Joined: Wed Dec 23, 2015 10:36 am
Location: New York

SSL.conf is being Overwritten

Unread post by spencer4hire999 »

It seems that whenever ASL runs a update on our system it updates the configs, in this case our SSL.conf and then spawns daemon restarts.

When it updates our SSL.conf it breaks our phone system which relies on the cert because the cert then become too secure and dos not allow our phone system to operate properly.

How can we stop ASL from overwriting our SSL config? Please help.

Also I am very new to ASL and Linux in general so forgive me for any ignorance.
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:

Re: SSL.conf is being Overwritten

Unread post by scott »

Do you know specifically what it is your PBX needs? Perhaps weaker SSL protocol settings?

You can control that from ASL-Web->ASL Configuration->Apache Security

SSL Protocol, defaults to TLS only. If your PBX only supports SSLv3, set this to: TLS+SSLv3 (please note, this does introduce the POODLE vulnerability, and you'll get a popup warning). I suspect this is what you need

and

SSL ciphersuite, defaults to "strong". Setting this to "medium" uses a much lower classification ciphersuite. You may not need to use this setting
Post Reply