container/user-access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add tls config

Browse Source
This commit is contained in:
Sebastian Hugentobler 2016-10-14 06:27:38 +02:00
parent 78d4f972d1
commit 406b247a66
No known key found for this signature in database
GPG Key ID: 7BBE74D3F626FC0F
1 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
rootfs/etc/confd/templates/proftpd.conf.tmpl
View File

@ -18,6 +18,23 @@ PassivePorts {{getenv "PASSIVE_LOWER_BOUND"}} {{getenv "PASSIVE_UPPER_BOUND"}}
DenyAll DenyAll
</Limit> </Limit>
<IfModule mod_tls.c>
TLSEngine on
TLSProtocol TLSv1.2
TLSRequired on
TLSRSACertificateFile /etc/ssl/proftp/fullchain.pem
TLSRSACertificateKeyFile /etc/ssl/proftp/provkey.pem
# CA the server trusts
TLSCACertificateFile /etc/ftpd/root.cert.pem
TLSVerifyClient off
TLSServerCipherPreference on
TLSSessionCache internal: 1800
TLSCipherSuite AES128+EECDH:AES128+EDH
</IfModule>
<IfModule mod_ldap.c> <IfModule mod_ldap.c>
AuthOrder mod_ldap.c AuthOrder mod_ldap.c