diff options
| author | Matthew Wild <mwild1@gmail.com> | 2013-11-21 02:11:09 +0000 |
|---|---|---|
| committer | Matthew Wild <mwild1@gmail.com> | 2013-11-21 02:11:09 +0000 |
| commit | 3c6fe7b2928700cbfb8a919046705c3821139ab8 (patch) | |
| tree | 999fa993e1be4d806f987084f99b913cd6cec6af /core | |
| parent | 27a7eea80ac5e06992e076adc1a0b5d52e7e948f (diff) | |
| download | prosody-3c6fe7b2928700cbfb8a919046705c3821139ab8.tar.gz prosody-3c6fe7b2928700cbfb8a919046705c3821139ab8.zip | |
certmanager: Further cipher string tweaking. Re-enable ciphers required for DSA and ECDH certs/keys.
Diffstat (limited to 'core')
| -rw-r--r-- | core/certmanager.lua | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/core/certmanager.lua b/core/certmanager.lua index 976b0a88..d6784a96 100644 --- a/core/certmanager.lua +++ b/core/certmanager.lua @@ -70,7 +70,7 @@ function create_context(host, mode, user_ssl_config) options = user_ssl_config.options or default_options; depth = user_ssl_config.depth; curve = user_ssl_config.curve or "secp384r1"; - ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH+kRSA:!DSS:!3DES:!aNULL"; + ciphers = user_ssl_config.ciphers or "HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL"; dhparam = user_ssl_config.dhparam; }; |