core.certmanager: Update Mozilla TLS config to version 5.7

Ref https://github.com/mozilla/server-side-tls/issues/285
author: Kim Alvefur <zash@zash.se> 2023-07-09 21:18:47 +0200
committer: Kim Alvefur <zash@zash.se> 2023-07-09 21:18:47 +0200
commit: 59f9a608fda54f281658b35688c336f6a22046de (patch)
tree: d154aecdc0e5751bbd8544e9f2b219c15ea941f6
parent: c82f504f6ace095dbc6f738925560d9860771f1f (diff)
download: prosody-59f9a608fda54f281658b35688c336f6a22046de.tar.gz
prosody-59f9a608fda54f281658b35688c336f6a22046de.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 7a82c786..c6310473 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -240,7 +240,7 @@ local core_defaults = {
 
 local mozilla_ssl_configs = {
 	-- https://wiki.mozilla.org/Security/Server_Side_TLS
-	-- Version 5.6 as of 2021-12-26
+	-- Version 5.7 as of 2023-07-09
 	modern = {
 		protocol = "tlsv1_3";
 		options = { cipher_server_preference = false };
@@ -261,6 +261,7 @@ local mozilla_ssl_configs = {
 			"ECDHE-RSA-CHACHA20-POLY1305";
 			"DHE-RSA-AES128-GCM-SHA256";
 			"DHE-RSA-AES256-GCM-SHA384";
+			"DHE-RSA-CHACHA20-POLY1305";
 		};
 		curveslist = { "X25519"; "prime256v1"; "secp384r1" };
 		ciphersuites = { "TLS_AES_128_GCM_SHA256"; "TLS_AES_256_GCM_SHA384"; "TLS_CHACHA20_POLY1305_SHA256" };
author	Kim Alvefur <zash@zash.se>	2023-07-09 21:18:47 +0200
committer	Kim Alvefur <zash@zash.se>	2023-07-09 21:18:47 +0200
commit	59f9a608fda54f281658b35688c336f6a22046de (patch)
tree	d154aecdc0e5751bbd8544e9f2b219c15ea941f6
parent	c82f504f6ace095dbc6f738925560d9860771f1f (diff)
download	prosody-59f9a608fda54f281658b35688c336f6a22046de.tar.gz prosody-59f9a608fda54f281658b35688c336f6a22046de.zip