diff options
Diffstat (limited to 'conf-ciphers')
| -rw-r--r-- | conf-ciphers | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/conf-ciphers b/conf-ciphers new file mode 100644 index 0000000..c4399d6 --- /dev/null +++ b/conf-ciphers @@ -0,0 +1,16 @@ + +# This is the list of ciphers to use. Sample for TLS < 1.3: + +ALL:!EXP:!MD5:!RC4:!ADH:!DES:!3DES:!PSK:!aNULL + +# This is the list of ciphers to use. Sample for TLS 1.3: + +TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384 + +Comment: + +a) CHACHA20_POLY1305 has preference (hardest to break) +b) AES_128_GCM comes next (-> GCM is 128 bit only!) +c) AES_256_GCM is last (AES is mostly HW accelerated) + +# An empty name means use the ciphers compiled into openssl. |