21 lines
1.1 KiB
Diff
21 lines
1.1 KiB
Diff
diff -Naur openssl-3.0.2_orig/apps/openssl.cnf openssl-3.0.2/apps/openssl.cnf
|
|
--- openssl-3.0.2_orig/apps/openssl.cnf 2022-03-16 22:19:52.816290337 +0600
|
|
+++ openssl-3.0.2/apps/openssl.cnf 2022-03-16 22:21:20.944187253 +0600
|
|
@@ -72,7 +72,14 @@
|
|
|
|
[ crypto_policy ]
|
|
|
|
-.include = /etc/crypto-policies/back-ends/opensslcnf.config
|
|
+CipherString = @SECLEVEL=1:kEECDH:kRSA:kEDH:kPSK:kDHEPSK:kECDHEPSK:kRSAPSK:!DES:!RC4:!RC2:!IDEA:-SEED:!eNULL:!aNULL:!MD5:-SHA384:-CAMELLIA:-ARIA:-AESCCM8
|
|
+Ciphersuites = TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:TLS_AES_128_CCM_SHA256
|
|
+TLS.MinProtocol = TLSv1
|
|
+TLS.MaxProtocol = TLSv1.3
|
|
+DTLS.MinProtocol = DTLSv1
|
|
+DTLS.MaxProtocol = DTLSv1.2
|
|
+SignatureAlgorithms = ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA512:ed25519:ed448:rsa_pss_pss_sha256:rsa_pss_pss_sha384:rsa_pss_pss_sha512:rsa_pss_rsae_sha256:rsa_pss_rsae_sha384:rsa_pss_rsae_sha512:RSA+SHA256:RSA+SHA384:RSA+SHA512:ECDSA+SHA224:RSA+SHA224:DSA+SHA256:DSA+SHA384:DSA+SHA512:DSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
|
|
+
|
|
|
|
####################################################################
|
|
[ ca ]
|
|
|
