diff options
author | Kim Alvefur <zash@zash.se> | 2017-09-27 15:45:07 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2017-09-27 15:45:07 +0200 |
commit | e1a94acbb9d847c10417838ac435e4e81a43ed5d (patch) | |
tree | 54c462b26b6b4277dc1d6bfbc99d4a6675ec0905 | |
parent | 8ae2b88fa049b2df5a414566346225062ac028ec (diff) | |
download | prosody-e1a94acbb9d847c10417838ac435e4e81a43ed5d.tar.gz prosody-e1a94acbb9d847c10417838ac435e4e81a43ed5d.zip |
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1
-rw-r--r-- | core/certmanager.lua | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 73b346c3..2be66a21 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -107,6 +107,12 @@ local core_defaults = { }; verifyext = { "lsec_continue", "lsec_ignore_purpose" }; curve = "secp384r1"; + curveslist = { + "X25519", + "P-384", + "P-256", + "P-521", + }; ciphers = { -- Enabled ciphers in order of preference: "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange |