1] What is the nature and description of the request?
The customer is requesting the ability to update and persist SSL configuration (such as disabling medium-strength ciphers and remediating SWEET32 vulnerabilities) in a containerized installation of Ansible Automation Platform (AAP) 2.5 running on Podman. Currently, there is no straightforward or documented way to modify and persist these SSL configurations across reboots without reinstalling or risking disruption to the production environment.

2] Why does the customer need this? (List the business requirements here)

• To comply with security hardening requirements by disabling medium-strength ciphers and mitigating known SSL vulnerabilities (e.g., SWEET32).

• To ensure SSL/TLS configurations can be customized and maintained in production environments without requiring a reinstall or manual intervention after each reboot.

• To improve operational efficiency by providing a supported method to apply SSL security configurations in a containerized AAP installation.

3] How would you like to achieve this? (List the functional requirements here)

• Provide a documented, supported mechanism (configuration file, environment variable, or AAP setting) to modify SSL/TLS cipher suites and protocols in containerized AAP deployments.

• Ensure that these changes are persistent across container restarts and host reboots.

• Avoid requiring reinstallation or unsupported manual edits to container internals.

• Ideally, allow administrators to apply these changes through configuration management (e.g., inventory variables, installer options, or custom configuration files mounted into containers).