33 lines
1.3 KiB
YAML
33 lines
1.3 KiB
YAML
- name: Set Default Ciphers If None Given
|
|
ansible.builtin.set_fact:
|
|
ssl_ciphers:
|
|
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
|
|
- TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384
|
|
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
|
|
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
|
|
- TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
|
|
- TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
|
|
- TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
|
|
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
|
|
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
|
|
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384
|
|
- TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
|
|
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
|
|
- TLS_DHE_DSS_WITH_AES_256_CBC_SHA
|
|
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
|
|
- TLS_DHE_DSS_WITH_AES_128_CBC_SHA
|
|
when: ssl_ciphers is not defined
|
|
|
|
- name: Set SSL Cipher Suite
|
|
ansible.windows.win_regedit:
|
|
path: HKLM:\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010002
|
|
name: Functions
|
|
state: present
|
|
type: multistring
|
|
data: "{{ ssl_ciphers }}"
|