diff options
author | Christian Pointner <equinox@spreadspace.org> | 2017-07-02 01:58:11 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2017-07-02 01:58:11 +0200 |
commit | 92820f73dc1eaf7869a8656ccafb13c38cdc77d5 (patch) | |
tree | e1c1acff908c4107922c637c17bcf013146d1fc3 /src/daq/s5proxy/sample.json | |
parent | initial work to make tls parameter configurable (diff) |
tls settings con now be fully configured
Diffstat (limited to 'src/daq/s5proxy/sample.json')
-rw-r--r-- | src/daq/s5proxy/sample.json | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/src/daq/s5proxy/sample.json b/src/daq/s5proxy/sample.json index 8ec6dc1..cd72df2 100644 --- a/src/daq/s5proxy/sample.json +++ b/src/daq/s5proxy/sample.json @@ -3,8 +3,21 @@ "protocol": "http+https", "redirect2https": 301, "tls": { - "certificate": "fullchain.pem", - "certificate-key": "private.key" + "certificate": "fullchain.pem", + "certificate-key": "private.key", + "min-protocol-version": "TLSv1", + "ciphers": [ + "ECDHE_RSA_WITH_AES_256_GCM_SHA384", + "ECDHE_RSA_WITH_AES_256_CBC_SHA", + "RSA_WITH_AES_256_GCM_SHA384", + "RSA_WITH_AES_256_CBC_SHA" + ], + "prefer-server-ciphers": true, + "ecdh-curves": [ + "secp521r1", + "secp384r1", + "secp256r1" + ] }, "connect": "http://emc01.spreadspace.org:8000", "request_header": [ |