SSL more env vars #186

ghost · 2018-11-30T09:59:15Z

Hi,

i have a little question. This was my old SSL config:

define_macro:
  'TLS_CIPHERS': "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"
  'TLS_OPTIONS':
    - "no_sslv3"
    - "no_tlsv1"
    - "no_tlsv1_1"
    - "cipher_server_preference"
    - "no_compression"

c2s_ciphers: 'TLS_CIPHERS'
s2s_ciphers: 'TLS_CIPHERS'
c2s_protocol_options: 'TLS_OPTIONS'
s2s_protocol_options: 'TLS_OPTIONS'

This is what I have done

   environment:
     - EJABBERD_PROTOCOL_OPTIONS_TLSV1=false
     - EJABBERD_PROTOCOL_OPTIONS_TLSV1_1=false
     - EJABBERD_CIPHERS=ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
     - EJABBERD_DHPARAM=true

Is there a a way to set

    - "cipher_server_preference"
    - "no_compression"

Thanks

The text was updated successfully, but these errors were encountered:

ghost changed the title ~~SSL extract env vars~~ SSL more env vars Nov 30, 2018

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SSL more env vars #186

SSL more env vars #186

ghost commented Nov 30, 2018

SSL more env vars #186

SSL more env vars #186

Comments

ghost commented Nov 30, 2018