add tls config

Sebastian Hugentobler 2016-10-14 06:29:05 +02:00
parent 406b247a66
commit f9461f3d80
No known key found for this signature in database
GPG Key ID: 7BBE74D3F626FC0F


@ -20,19 +20,16 @@ PassivePorts {{getenv "PASSIVE_LOWER_BOUND"}} {{getenv "PASSIVE_UPPER_BOUND"}}
<IfModule mod_tls.c> <IfModule mod_tls.c>
TLSEngine on TLSEngine on
TLSProtocol TLSv1.2 TLSProtocol {{getenv "TLS_PROTOCOL" "TLSv1.2"}}
TLSRequired on TLSRequired on
TLSRSACertificateFile /etc/ssl/proftp/fullchain.pem TLSRSACertificateFile /etc/ssl/proftp/fullchain.pem
TLSRSACertificateKeyFile /etc/ssl/proftp/provkey.pem TLSRSACertificateKeyFile /etc/ssl/proftp/privkey.pem
# CA the server trusts
TLSCACertificateFile /etc/ftpd/root.cert.pem
TLSVerifyClient off TLSVerifyClient off
TLSServerCipherPreference on TLSServerCipherPreference on
TLSSessionCache internal: 1800 TLSSessionCache internal: 1800
TLSCipherSuite AES128+EECDH:AES128+EDH TLSCipherSuite {{getenv "TLS_CIPHERS" "AES128+EECDH:AES128+EDH"}}
</IfModule> </IfModule>
<IfModule mod_ldap.c> <IfModule mod_ldap.c>