diff options
author | Kim Alvefur <zash@zash.se> | 2017-09-27 15:45:07 +0200 |
---|---|---|
committer | Kim Alvefur <zash@zash.se> | 2017-09-27 15:45:07 +0200 |
commit | 23512ecccc3536188e59bebd153c6d44fb4c3c10 (patch) | |
tree | 54c462b26b6b4277dc1d6bfbc99d4a6675ec0905 | |
parent | 4e7309b640ff6b49aa1d2416dde55418ab25d61a (diff) | |
download | prosody-23512ecccc3536188e59bebd153c6d44fb4c3c10.tar.gz prosody-23512ecccc3536188e59bebd153c6d44fb4c3c10.zip |
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1
-rw-r--r-- | core/certmanager.lua | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 73b346c3..2be66a21 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -107,6 +107,12 @@ local core_defaults = { }; verifyext = { "lsec_continue", "lsec_ignore_purpose" }; curve = "secp384r1"; + curveslist = { + "X25519", + "P-384", + "P-256", + "P-521", + }; ciphers = { -- Enabled ciphers in order of preference: "HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set "HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange |