51369b610e
When an include is not surrounded by empty lines, its content is inlined on the same line as the adjacent content. That can lead to broken tags and other display issues. This PR fixes all such includes and introduces a validation step that forbids introducing the same problem again.
63 lines
1.1 KiB
Plaintext
63 lines
1.1 KiB
Plaintext
|
|
include::../summary.adoc[]
|
|
|
|
== Why is this an issue?
|
|
|
|
include::../rationale.adoc[]
|
|
|
|
include::../impact.adoc[]
|
|
|
|
// How to fix it section
|
|
|
|
include::how-to-fix-it/ssl.adoc[]
|
|
|
|
include::how-to-fix-it/openssl.adoc[]
|
|
|
|
include::how-to-fix-it/aws-cdk.adoc[]
|
|
|
|
== Resources
|
|
|
|
include::../common/resources/docs.adoc[]
|
|
|
|
include::../common/resources/articles.adoc[]
|
|
|
|
include::../common/resources/presentations.adoc[]
|
|
|
|
include::../common/resources/standards.adoc[]
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
=== Message
|
|
|
|
**OpenSSL and ssl modules**
|
|
|
|
When the system default is used:
|
|
|
|
> Change this code to explicitly enforce TLSv1.2 or above.
|
|
|
|
In all other cases:
|
|
|
|
> Change this code to enforce TLS 1.2 or above.
|
|
|
|
**AWS APIGateway**
|
|
|
|
> Change this code to enforce TLS 1.2 or above.
|
|
|
|
**AWS OpenSearch / Elasticsearch**
|
|
|
|
> Omitting "tls_security_policy" enables a deprecated version of TLS. Set it to enforce TLS 1.2 or above.
|
|
|
|
> Change this code to enforce TLS 1.2 or above.
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
|
|
endif::env-github,rspecator-view[]
|