diff options
| author | Jannis Hoffmann <jannis@fehcom.de> | 2024-07-14 21:28:19 +0200 |
|---|---|---|
| committer | Jannis Hoffmann <jannis@fehcom.de> | 2024-07-14 21:28:19 +0200 |
| commit | 1087d4df2a7342d2832ba3bab1843bf4a3040775 (patch) | |
| tree | 96cd6ea198cc542f29c0660d5e5f7083af84d711 /conf-ciphers | |
Diffstat (limited to 'conf-ciphers')
| -rw-r--r-- | conf-ciphers | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/conf-ciphers b/conf-ciphers new file mode 100644 index 0000000..c4399d6 --- /dev/null +++ b/conf-ciphers @@ -0,0 +1,16 @@ + +# This is the list of ciphers to use. Sample for TLS < 1.3: + +ALL:!EXP:!MD5:!RC4:!ADH:!DES:!3DES:!PSK:!aNULL + +# This is the list of ciphers to use. Sample for TLS 1.3: + +TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384 + +Comment: + +a) CHACHA20_POLY1305 has preference (hardest to break) +b) AES_128_GCM comes next (-> GCM is 128 bit only!) +c) AES_256_GCM is last (AES is mostly HW accelerated) + +# An empty name means use the ciphers compiled into openssl. |