SSL-TLS settings V2
Description
This playbook configures SSL/TLS settings on specified hosts. It disables insecure protocols (e.g., SSL 2.0, SSL 3.0, TLS 1.0, TLS 1.1), ciphers (e.g., DES, RC4), hashes (e.g., MD5, SHA), and key exchange algorithms (e.g., PKCS, RSA). It enables secure protocols (TLS 1.2, TLS 1.3), ciphers (AES 128/256), hashes (SHA256/384/512), and key exchange algorithms (Diffie-Hellman, ECDH). It also sets cipher suite orders for TLS 1.2 and 1.3, configures longer DHE key shares, and updates .NET Framework and Internet Explorer settings to use TLS 1.2. This is V2 of the playbook initially made in 2025
Credentials
- sys_ansible_windows
Input
| Variable | Description |
|---|---|
target |
FQDN name of the server to configure |
Output
None