diff options
| author | Alexander Barton <alex@barton.de> | 2013-09-16 17:32:25 +0200 |
|---|---|---|
| committer | Alexander Barton <alex@barton.de> | 2013-09-16 17:32:25 +0200 |
| commit | d0977258ee14a5178e98c9a00c064d90f0eac9d6 (patch) | |
| tree | 50378cadd880f904f00c99662ef5d512ee5b4257 /doc | |
| parent | 2cebfc54f5c450577e0a6d4f61a421ac2396e44e (diff) | |
| parent | b9006acee3649600226652a8361f13c859726cf2 (diff) | |
| download | ngircd-d0977258ee14a5178e98c9a00c064d90f0eac9d6.tar.gz ngircd-d0977258ee14a5178e98c9a00c064d90f0eac9d6.zip | |
Merge remote-tracking branch 'alex/bug162-SSLCipherList'
* alex/bug162-SSLCipherList: Cipher list selection for GnuTLS ConnSSL_Init_SSL(): correctly set CONN_SSL flag Cipher list selection for OpenSSL ConnSSL_InitLibrary(): Code cleanup
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/sample-ngircd.conf.tmpl | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/doc/sample-ngircd.conf.tmpl b/doc/sample-ngircd.conf.tmpl index ae1b2139..1bdf01ee 100644 --- a/doc/sample-ngircd.conf.tmpl +++ b/doc/sample-ngircd.conf.tmpl @@ -248,6 +248,17 @@ # SSL Server Key Certificate ;CertFile = :ETCDIR:/ssl/server-cert.pem + # Select cipher suites allowed for SSL/TLS connections. This defaults + # to the empty string, so all supported ciphers are allowed. Please + # see 'man 1ssl ciphers' (OpenSSL) and 'man 3 gnutls_priority_init' + # (GnuTLS) for details. + # For example, this setting allows only "high strength" cipher suites, + # disables the ones without authentication, and sorts by strength: + # For OpenSSL: + ;CipherList = HIGH:!aNULL:@STRENGTH + # For GnuTLS: + ;CipherList = SECURE128 + # Diffie-Hellman parameters ;DHFile = :ETCDIR:/ssl/dhparams.pem |