certmanager: Set our own default cipher string, which includes only ciphers regarded...

author Matthew Wild <mwild1@gmail.com>

Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)

committer Matthew Wild <mwild1@gmail.com>

Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)
author Matthew Wild <mwild1@gmail.com>
Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)
committer Matthew Wild <mwild1@gmail.com>
Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)
diff --git a/core/certmanager.lua b/core/certmanager.lua

index 4bcac40d9e440d4544f2da2bd02ee1423ff8fafa..5dee58765bcbf72a81a0fe74c3d2b8a6166bb677 100644 (file)
--- a/core/certmanager.lua
+++ b/core/certmanager.lua
@@ -68,6 +68,7 @@ function create_context(host, mode, user_ssl_config)
                 options = user_ssl_config.options or default_options;
                 depth = user_ssl_config.depth;
                 curve = user_ssl_config.curve or "secp384r1";
+               ciphers = user_ssl_config.ciphers or "HIGH:!DSS:!aNULL@STRENGTH";
                 dhparam = user_ssl_config.dhparam;
         };
author	Matthew Wild <mwild1@gmail.com>
	Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)
committer	Matthew Wild <mwild1@gmail.com>
	Sat, 13 Jul 2013 12:15:24 +0000 (13:15 +0100)