From c4d5c1ebb8968ebb37e9d7349151c1d2dc386e3f Mon Sep 17 00:00:00 2001
From: stonezdj <daojunz@vmware.com>
Date: Mon, 26 Feb 2024 13:34:05 +0800
Subject: [PATCH] Check if the internal_tls_config is not null when get
 strong_ssl_cipher value

Signed-off-by: stonezdj <daojunz@vmware.com>
---
 make/photon/prepare/utils/configs.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/make/photon/prepare/utils/configs.py b/make/photon/prepare/utils/configs.py
index 3a126621534..aff7867295f 100644
--- a/make/photon/prepare/utils/configs.py
+++ b/make/photon/prepare/utils/configs.py
@@ -303,10 +303,13 @@ def parse_yaml_config(config_file_path, with_trivy):
     # for compatibility, user could configure the strong_ssl_ciphers either in https section or under internal_tls section,
     # but it is more reasonable to configure it in https_config
     if https_config:
-        config_dict['strong_ssl_ciphers'] =  https_config.get('strong_ssl_ciphers') or internal_tls_config.get('strong_ssl_ciphers')
+        config_dict['strong_ssl_ciphers'] = https_config.get('strong_ssl_ciphers') 
     else:
         config_dict['strong_ssl_ciphers'] = False
 
+    if internal_tls_config:
+        config_dict['strong_ssl_ciphers'] = config_dict['strong_ssl_ciphers'] or internal_tls_config.get('strong_ssl_ciphers')
+
 
     # ip_family config
     config_dict['ip_family'] = configs.get('ip_family') or {'ipv4': {'enabled': True}, 'ipv6': {'enabled': False}}