increased default TLS security setting
switched default TLS security in config/tls_ciphers from HIGH to HIGH:!SSLv2. Added note for how to set the minimum level of security necessary for PCI compliance. Signed-off-by: Robert <rspier@pobox.com>
This commit is contained in:
parent
d0c9b7cbe5
commit
3a7f46aa3e
@ -1,4 +1,10 @@
|
|||||||
# Override default security using suitable string from available ciphers at
|
# Override default security using suitable string from available ciphers at
|
||||||
# L<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS>
|
# L<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS>
|
||||||
# See plugins/tls for details.
|
# See plugins/tls for details.
|
||||||
HIGH
|
#
|
||||||
|
# HIGH is a reasonable default that should satisfy most installations
|
||||||
|
HIGH:!SSLv2
|
||||||
|
#
|
||||||
|
# if you have legacy clients that require less secure connections,
|
||||||
|
# consider using this less secure, but PCI compliant setting:
|
||||||
|
#DEFAULT:!ADH:!LOW:!EXP:!SSLv2:+HIGH:+MEDIUM
|
||||||
|
Loading…
Reference in New Issue
Block a user