httpd: include TLS 1.3 cipher suites
authorPeter Müller <peter.mueller@link38.eu>
Tue, 15 Jan 2019 14:39:25 +0000 (15:39 +0100)
committerMichael Tremer <michael.tremer@ipfire.org>
Thu, 17 Jan 2019 14:34:00 +0000 (14:34 +0000)
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Cc: Erik Kapfer <erik.kapfer@ipfire.org>
Cc: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
config/httpd/vhosts.d/ipfire-interface-ssl.conf

index 63e7702..f88a6a5 100644 (file)
@@ -11,7 +11,7 @@
 
     SSLEngine on
     SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
-    SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256
+    SSLCipherSuite TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256
     SSLHonorCipherOrder on
     SSLCompression off
     SSLSessionTickets off