diff options
| author | Lawrence Teo <lteo@cvs.openbsd.org> | 2014-10-21 02:29:55 +0000 |
|---|---|---|
| committer | Lawrence Teo <lteo@cvs.openbsd.org> | 2014-10-21 02:29:55 +0000 |
| commit | c69251803f24bb43bead8942655d5fb0cf2fdb02 (patch) | |
| tree | 957c2e0bd043d41e7794975fee8c055da0c57a22 /etc/examples | |
| parent | 35b36ea27e93323186e53f17b9a5aaabbef77d72 (diff) | |
Remove SSLv2 and SSLv3 references from the example relayd.conf and the
relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to
"no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1
and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
Diffstat (limited to 'etc/examples')
| -rw-r--r-- | etc/examples/relayd.conf | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/etc/examples/relayd.conf b/etc/examples/relayd.conf index efb9dc4a448..4de1d27cd63 100644 --- a/etc/examples/relayd.conf +++ b/etc/examples/relayd.conf @@ -1,4 +1,4 @@ -# $OpenBSD: relayd.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $ +# $OpenBSD: relayd.conf,v 1.2 2014/10/21 02:29:54 lteo Exp $ # # Macros # @@ -45,7 +45,7 @@ http protocol httpssl { # Various TCP performance options tcp { nodelay, sack, socket buffer 65536, backlog 128 } -# ssl { no sslv2, sslv3, tlsv1, ciphers HIGH } +# ssl { no tlsv1.0, ciphers HIGH } # ssl session cache disable } |