Browse Source

[mod_openssl] fix default cipher string

personal/stbuehler/wip
Stefan Bühler 8 years ago
parent
commit
09002ad827
  1. 2
      doc/mod_openssl.xml
  2. 2
      src/modules/mod_openssl.c

2
doc/mod_openssl.xml

@ -16,7 +16,7 @@
<short>file containing the intermediate certificates</short>
</entry>
<entry name="ciphers">
<short>OpenSSL ciphers string</short>
<short>OpenSSL ciphers string (default: "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK")</short>
</entry>
<entry name="dh-params">
<short>filename with generated dh-params (default: fixed 4096-bit parameters)</short>

2
src/modules/mod_openssl.c

@ -493,7 +493,7 @@ static gboolean openssl_setup(liServer *srv, liPlugin* p, liValue *val, gpointer
STACK_OF(X509_NAME) *client_ca_list;
const char
*default_ciphers = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM",
*default_ciphers = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK",
*default_ecdh_curve = "prime256v1";
/* setup defaults */

Loading…
Cancel
Save