Change System-Wide Crypto Policy
As of Oracle Linux 8 and later, a default system-wide Crypto Policy no longer permits host systems to communicate with older, insecure protocols. For system configurations that require a different level of protection, Cockpit administrators can change the assigned Crypto Policy level (Default, Legacy, Future, FIPs) by using the web console.
What Do You Need?
- The Cockpit web console must be installed and accessible.
For details, see these topics: Install and Enable Cockpit and Log in to the Cockpit Web Console.
- Administrator privileges.
Steps
WARNING:
Changing the Crypto Policy on the host requires restarting the system.Using the Cockpit web console, follow these steps to change the Crypto Policy configuration on the host system.
- In the Cockpit navigation pane, click Overview.
- In the Overview page, navigate to the
Configuration panel, find the Crypto
policy property, and then click Default (or the
policy name that appears).
The Change Crypto Policy dialog appears with a brief description of each policy level.
- In the Change Crypto Policy dialog, select a policy level that best meets the requirements of the managed system, and then click Apply and Reboot.