certmanager: Default to using the server's cipher preference order by default, as...
authorMatthew Wild <mwild1@gmail.com>
Sat, 9 Nov 2013 17:50:19 +0000 (17:50 +0000)
committerMatthew Wild <mwild1@gmail.com>
Sat, 9 Nov 2013 17:50:19 +0000 (17:50 +0000)
core/certmanager.lua

index e820c91427ffcb5816acd923c041b3b3afa72be2..5e8297778b6ec4245f092f098a94fea6c9ce298b 100644 (file)
@@ -33,7 +33,7 @@ module "certmanager"
 local default_ssl_config = configmanager.get("*", "ssl");
 local default_capath = "/etc/ssl/certs";
 local default_verify = (ssl and ssl.x509 and { "peer", "client_once", }) or "none";
-local default_options = { "no_sslv2", "no_sslv3", luasec_has_noticket and "no_ticket" or nil };
+local default_options = { "no_sslv2", "no_sslv3", luasec_has_noticket and "no_ticket" or nil, "cipher_server_preference" };
 local default_verifyext = { "lsec_continue", "lsec_ignore_purpose" };
 
 if ssl and not luasec_has_verifyext and ssl.x509 then