Trying a more restrictive cipher suite for dovecot that works

author: Silvio Rhatto <rhatto@riseup.net> 2013-07-16 17:50:11 -0300
committer: Silvio Rhatto <rhatto@riseup.net> 2013-07-16 17:50:11 -0300
commit: 1f6acd780995fda8b7e1f5f1469c6db54ff8d57a (patch)
tree: 89cb8b655a39233c78a77b5e092be5d328f33d67
parent: 5a5d24da9269fff45377c0ec2170cb89846769f7 (diff)
download: puppet-mail-1f6acd780995fda8b7e1f5f1469c6db54ff8d57a.tar.gz
puppet-mail-1f6acd780995fda8b7e1f5f1469c6db54ff8d57a.tar.bz2
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/dovecot/dovecot.conf.squeeze.erb b/templates/dovecot/dovecot.conf.squeeze.erb
index c9b092c..2df5834 100644
--- a/templates/dovecot/dovecot.conf.squeeze.erb
+++ b/templates/dovecot/dovecot.conf.squeeze.erb
@@ -121,7 +121,7 @@ ssl_key_file = /etc/ssl/private/cert.pem
 
 # SSL ciphers to use
 # See http://www.virtualmin.com/node/25057
-ssl_cipher_list = HIGH:!LOW:!MEDIUM:!MD5:!SSL2:!EXP-ADH-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-DES-CBC-SHA:!EXP-EDH-RSA-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-DES-CBC-SHA:!ADH-AES256-SHA:!ADH-AES128-SHA:!ADH-DES-CBC3-SHA:!EXP-ADH-DES-CBC-SHA:!EXP-ADH-DES-CBC-SHA:!ADH-DES-CBC3-SHA:+TLSv1:+SSLv3:!SSLv2:+TLSv1.1:+TLSv1.2 
+ssl_cipher_list = HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
 
 # Show protocol level SSL errors.
 #verbose_ssl = no
author	Silvio Rhatto <rhatto@riseup.net>	2013-07-16 17:50:11 -0300
committer	Silvio Rhatto <rhatto@riseup.net>	2013-07-16 17:50:11 -0300
commit	1f6acd780995fda8b7e1f5f1469c6db54ff8d57a (patch)
tree	89cb8b655a39233c78a77b5e092be5d328f33d67
parent	5a5d24da9269fff45377c0ec2170cb89846769f7 (diff)
download	puppet-mail-1f6acd780995fda8b7e1f5f1469c6db54ff8d57a.tar.gz puppet-mail-1f6acd780995fda8b7e1f5f1469c6db54ff8d57a.tar.bz2