From 4c87577cb2b3d35abd3c833c88ad18ddcd64b3b0 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Hanno=20B=C3=B6ck?= <hanno@gentoo.org>
Date: Fri, 19 Dec 2014 04:09:45 +0100
Subject: [PATCH] Disable deprecated SSLv3 (POODLE fix)

---
 cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
index 60059837b..2a9bbb11e 100644
--- a/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
+++ b/cookbooks/tilecache/templates/default/nginx_tile_ssl.conf.erb
@@ -7,7 +7,7 @@ server {
     ssl_certificate      /etc/ssl/certs/<%= @certificate %>.pem;
     ssl_certificate_key  /etc/ssl/private/<%= @certificate %>.key;
 
-    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv3;
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_ciphers aRSA+HIGH:+kEDH:+kRSA:!kSRP:!kPSK:+3DES:!MD5;
     ssl_prefer_server_ciphers on;
     ssl_session_cache shared:SSL:30m;
-- 
2.43.2