fix: enable ECDHE ciphers and enforce TLS 1.2 #2

Merged
xoxys merged 1 commits from xoxys-patch-1 into main 2024-06-04 19:12:37 +00:00

View File

@ -31,8 +31,9 @@ argsfile /var/run/openldap/slapd.args
TLSCertificateFile {{ ldap_proxy_tls_cert_path }} TLSCertificateFile {{ ldap_proxy_tls_cert_path }}
TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }} TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }}
TLSCACertificateFile {{ ldap_proxy_tls_ca_path }} TLSCACertificateFile {{ ldap_proxy_tls_ca_path }}
TLSCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4 TLSCipherSuite HIGH:MEDIUM:-SSLv2:-SSLv3:!SHA1:!SHA256:!SHA384
TLSProtocolMin 3.1 TLSProtocolMin 3.3
TLSECName secp521r1
### Database definition (Proxy to AD) ######################################### ### Database definition (Proxy to AD) #########################################
database ldap database ldap