Commit f6bc4a73 authored by Dietmar Maurer's avatar Dietmar Maurer

pveproxy: also support newer tls versions

parent bc628e80
...@@ -107,7 +107,8 @@ eval { ...@@ -107,7 +107,8 @@ eval {
ssl => { ssl => {
# Note: older versions are considered insecure, for example # Note: older versions are considered insecure, for example
# search for "Poodle"-Attac # search for "Poodle"-Attac
method => "tlsv1", sslv2 => 0,
sslv3 => 0,
cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5', cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
key_file => '/etc/pve/local/pve-ssl.key', key_file => '/etc/pve/local/pve-ssl.key',
cert_file => '/etc/pve/local/pve-ssl.pem', cert_file => '/etc/pve/local/pve-ssl.pem',
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment