summaryrefslogtreecommitdiffstats
path: root/xrdp/xrdp.ini
diff options
context:
space:
mode:
authorKoichiro IWAO <meta@vmeta.jp>2016-12-13 15:49:13 +0900
committermetalefty <meta@vmeta.jp>2017-02-27 14:17:25 +0900
commite94ab10e14edd2f6ca021cb2c77b9f9031665452 (patch)
tree135cc7231f151da007081c6b1ca4798a846c74c6 /xrdp/xrdp.ini
parent657f6f3756f883e2a5899eaff9e0e59c4bc67995 (diff)
downloadxrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.tar.gz
xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.zip
TLS: new method to specify SSL/TLS version
SSL/TLS protocols only listed in ssl_protocols should be used. The name "ssl_protocols" comes from nginx. Resolves #428.
Diffstat (limited to 'xrdp/xrdp.ini')
-rw-r--r--xrdp/xrdp.ini5
1 files changed, 3 insertions, 2 deletions
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini
index 70e7afb9..ce4df137 100644
--- a/xrdp/xrdp.ini
+++ b/xrdp/xrdp.ini
@@ -25,8 +25,9 @@ crypt_level=high
; openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365
certificate=
key_file=
-; specify whether SSLv3 should be disabled
-#disableSSLv3=true
+; set SSL protocols
+; can be space separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2'
+ssl_protocols=TLSv1 TLSv1.1 TLSv1.2
; set TLS cipher suites
#tls_ciphers=HIGH