Proxmox Without SSL
- Thread starter melona380
- Start date
Would changing the pve proxy config file from
ssl => {
# Note: older versions are considered insecure, for example
# search for "Poodle"-Attac
method => 'tlsv1',
sslv2 => 0,
sslv3 => 0,
cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
key_file => '/etc/pve/local/pve-ssl.key',
cert_file => '/etc/pve/local/pve-ssl.pem',
},
To THIS Work in successfully shuting off SSL
ssl => {
# Note: older versions are considered insecure, for example
# search for "Poodle"-Attac
method => 0,
sslv2 => 0,
sslv3 => 0,
cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
key_file => '/etc/pve/local/pve-ssl.key',
cert_file => '/etc/pve/local/pve-ssl.pem',
},
ssl => {
# Note: older versions are considered insecure, for example
# search for "Poodle"-Attac
method => 'tlsv1',
sslv2 => 0,
sslv3 => 0,
cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
key_file => '/etc/pve/local/pve-ssl.key',
cert_file => '/etc/pve/local/pve-ssl.pem',
},
To THIS Work in successfully shuting off SSL
ssl => {
# Note: older versions are considered insecure, for example
# search for "Poodle"-Attac
method => 0,
sslv2 => 0,
sslv3 => 0,
cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
key_file => '/etc/pve/local/pve-ssl.key',
cert_file => '/etc/pve/local/pve-ssl.pem',
},
Really really not recommended, exposes the whole API (with access to the storage, and every other resource). The only thing it changes for you is that your system becomes more vulnerable. Any problems with the SSL connection?
