diff options
| author | Koichiro IWAO <meta@vmeta.jp> | 2016-12-13 15:49:13 +0900 |
|---|---|---|
| committer | metalefty <meta@vmeta.jp> | 2017-02-27 14:17:25 +0900 |
| commit | e94ab10e14edd2f6ca021cb2c77b9f9031665452 (patch) | |
| tree | 135cc7231f151da007081c6b1ca4798a846c74c6 /xrdp | |
| parent | 657f6f3756f883e2a5899eaff9e0e59c4bc67995 (diff) | |
| download | xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.tar.gz xrdp-proprietary-e94ab10e14edd2f6ca021cb2c77b9f9031665452.zip | |
TLS: new method to specify SSL/TLS version
SSL/TLS protocols only listed in ssl_protocols should be used.
The name "ssl_protocols" comes from nginx.
Resolves #428.
Diffstat (limited to 'xrdp')
| -rw-r--r-- | xrdp/xrdp.ini | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/xrdp/xrdp.ini b/xrdp/xrdp.ini index 70e7afb9..ce4df137 100644 --- a/xrdp/xrdp.ini +++ b/xrdp/xrdp.ini @@ -25,8 +25,9 @@ crypt_level=high ; openssl req -x509 -newkey rsa:2048 -nodes -keyout key.pem -out cert.pem -days 365 certificate= key_file= -; specify whether SSLv3 should be disabled -#disableSSLv3=true +; set SSL protocols +; can be space separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2' +ssl_protocols=TLSv1 TLSv1.1 TLSv1.2 ; set TLS cipher suites #tls_ciphers=HIGH |