3a7f46aa3e
switched default TLS security in config/tls_ciphers from HIGH to HIGH:!SSLv2. Added note for how to set the minimum level of security necessary for PCI compliance. Signed-off-by: Robert <rspier@pobox.com>
11 lines
434 B
Plaintext
11 lines
434 B
Plaintext
# Override default security using suitable string from available ciphers at
|
|
# L<http://www.openssl.org/docs/apps/ciphers.html#CIPHER_STRINGS>
|
|
# See plugins/tls for details.
|
|
#
|
|
# HIGH is a reasonable default that should satisfy most installations
|
|
HIGH:!SSLv2
|
|
#
|
|
# if you have legacy clients that require less secure connections,
|
|
# consider using this less secure, but PCI compliant setting:
|
|
#DEFAULT:!ADH:!LOW:!EXP:!SSLv2:+HIGH:+MEDIUM
|