ejabberd: Set ciphersuites and disable SSLv3 in ejabberd.yml
This commit is contained in:
Ossi Salmi
parent
b8b42cbafc
commit
3bc9793a6c
1 changed files with 12 additions and 0 deletions
|
|
@ -18,6 +18,10 @@ listen:
|
||||||
access: c2s
|
access: c2s
|
||||||
starttls_required: true
|
starttls_required: true
|
||||||
certfile: "/etc/ejabberd/ejabberd.pem"
|
certfile: "/etc/ejabberd/ejabberd.pem"
|
||||||
|
ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
||||||
|
protocol_options:
|
||||||
|
- "no_sslv2"
|
||||||
|
- "no_sslv3"
|
||||||
-
|
-
|
||||||
<% if @ipaddress6 -%>
|
<% if @ipaddress6 -%>
|
||||||
ip: "::"
|
ip: "::"
|
||||||
|
|
@ -29,6 +33,10 @@ listen:
|
||||||
access: c2s
|
access: c2s
|
||||||
tls: true
|
tls: true
|
||||||
certfile: "/etc/ejabberd/ejabberd.pem"
|
certfile: "/etc/ejabberd/ejabberd.pem"
|
||||||
|
ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
||||||
|
protocol_options:
|
||||||
|
- "no_sslv2"
|
||||||
|
- "no_sslv3"
|
||||||
-
|
-
|
||||||
<% if @ipaddress6 -%>
|
<% if @ipaddress6 -%>
|
||||||
ip: "::"
|
ip: "::"
|
||||||
|
|
@ -57,6 +65,10 @@ listen:
|
||||||
s2s_access: s2s
|
s2s_access: s2s
|
||||||
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
|
s2s_certfile: "/etc/ejabberd/ejabberd.pem"
|
||||||
s2s_use_starttls: required
|
s2s_use_starttls: required
|
||||||
|
s2s_ciphers: "<%= scope.lookupvar('ssl::ciphersuites::default_ciphersuites') %>"
|
||||||
|
s2s_protocol_options:
|
||||||
|
- "no_sslv2"
|
||||||
|
- "no_sslv3"
|
||||||
|
|
||||||
<% if @auth.is_a?(Array) -%>
|
<% if @auth.is_a?(Array) -%>
|
||||||
auth_method:
|
auth_method:
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue