remove dh param generation

This commit is contained in:
Sebastian Hugentobler 2021-08-22 23:44:43 +02:00
parent fa7d9c7175
commit a66a8e0431
Signed by: shu
GPG Key ID: BB32CF3CA052C2F0

View File

@ -1,7 +1,7 @@
ssl = yes ssl = yes
ssl_cert = </etc/ssl/mail/tls.crt ssl_cert = </etc/ssl/mail/tls.crt
ssl_key = </etc/ssl/mail/tls.key ssl_key = </etc/ssl/mail/tls.key
ssl_dh=</etc/ssl/mail/dh.pem ssl_dh=</etc/dovecot/keys/dh.pem
ssl_min_protocol = {{getenv "SSL_MIN_PROTOCOL" "TLSv1.2"}} ssl_min_protocol = {{getenv "SSL_MIN_PROTOCOL" "TLSv1.2"}}
ssl_cipher_list = {{getenv "SSL_CIPHERLIST" "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"}} ssl_cipher_list = {{getenv "SSL_CIPHERLIST" "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"}}
ssl_prefer_server_ciphers = yes ssl_prefer_server_ciphers = yes