container/dovecot
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update cipher lists

Browse source
This commit is contained in:
Sebastian Hugentobler 2019-02-18 13:30:33 +01:00
parent c6e51bfd05
commit 6b032be7a4
3 changed files with 5 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

4
rootfs/etc/confd/templates/10-ssl.conf.tmpl
View file

@ -2,6 +2,6 @@ ssl = yes
ssl_cert = </etc/ssl/mail/{{ getenv "CERT_DOMAIN"}}.crt
ssl_key = </etc/ssl/mail/{{ getenv "CERT_DOMAIN"}}.key
ssl_dh=</etc/ssl/mail/dh.pem
ssl_min_protocol = {{getenv "SSL_MIN_PROTOCOL" "TLSv1"}}
ssl_cipher_list = {{getenv "SSL_CIPHERLIST" "ALL:!kRSA:!SRP:!kDHd:!DSS:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4:!ADH:!LOW@STRENGTH "}}
ssl_min_protocol = {{getenv "SSL_MIN_PROTOCOL" "TLSv1.2"}}
ssl_cipher_list = {{getenv "SSL_CIPHERLIST" "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"}}
ssl_prefer_server_ciphers = yes