fix: enable ECDHE ciphers and enforce TLS 1.2 #2
@ -31,8 +31,9 @@ argsfile /var/run/openldap/slapd.args
|
|||||||
TLSCertificateFile {{ ldap_proxy_tls_cert_path }}
|
TLSCertificateFile {{ ldap_proxy_tls_cert_path }}
|
||||||
TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }}
|
TLSCertificateKeyFile {{ ldap_proxy_tls_key_path }}
|
||||||
TLSCACertificateFile {{ ldap_proxy_tls_ca_path }}
|
TLSCACertificateFile {{ ldap_proxy_tls_ca_path }}
|
||||||
TLSCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
TLSCipherSuite HIGH:MEDIUM:-SSLv2:-SSLv3:!SHA1:!SHA256:!SHA384
|
||||||
TLSProtocolMin 3.1
|
TLSProtocolMin 3.3
|
||||||
|
TLSECName secp521r1
|
||||||
|
|
||||||
### Database definition (Proxy to AD) #########################################
|
### Database definition (Proxy to AD) #########################################
|
||||||
database ldap
|
database ldap
|
||||||
|
Loading…
Reference in New Issue
Block a user