aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKim Alvefur <zash@zash.se>2017-09-27 15:45:07 +0200
committerKim Alvefur <zash@zash.se>2017-09-27 15:45:07 +0200
commit23512ecccc3536188e59bebd153c6d44fb4c3c10 (patch)
tree54c462b26b6b4277dc1d6bfbc99d4a6675ec0905
parent4e7309b640ff6b49aa1d2416dde55418ab25d61a (diff)
downloadprosody-23512ecccc3536188e59bebd153c6d44fb4c3c10.tar.gz
prosody-23512ecccc3536188e59bebd153c6d44fb4c3c10.zip
core.certmanager: Set a default curveslist [sic], fixes #879, #943, #951 if used along with luasec 0.7 and openssl 1.1
-rw-r--r--core/certmanager.lua6
1 files changed, 6 insertions, 0 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua
index 73b346c3..2be66a21 100644
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -107,6 +107,12 @@ local core_defaults = {
};
verifyext = { "lsec_continue", "lsec_ignore_purpose" };
curve = "secp384r1";
+ curveslist = {
+ "X25519",
+ "P-384",
+ "P-256",
+ "P-521",
+ };
ciphers = { -- Enabled ciphers in order of preference:
"HIGH+kEDH", -- Ephemeral Diffie-Hellman key exchange, if a 'dhparam' file is set
"HIGH+kEECDH", -- Ephemeral Elliptic curve Diffie-Hellman key exchange