summaryrefslogtreecommitdiffstats
path: root/custom
diff options
context:
space:
mode:
authorzeripath <art27@cantab.net>2021-11-20 06:12:43 +0000
committerGitHub <noreply@github.com>2021-11-20 01:12:43 -0500
commitc96be0cd982255f20a3fe6ff4683115b8073e65e (patch)
tree3b5c31858438becb2a8a24557c419de9fa085e2a /custom
parent9f14fe43c6de96ce7cf81c87620fcd50e086910c (diff)
downloadgitea-c96be0cd982255f20a3fe6ff4683115b8073e65e.tar.gz
gitea-c96be0cd982255f20a3fe6ff4683115b8073e65e.zip
Make SSL cipher suite configurable (#17440)
Diffstat (limited to 'custom')
-rw-r--r--custom/conf/app.example.ini10
1 files changed, 10 insertions, 0 deletions
diff --git a/custom/conf/app.example.ini b/custom/conf/app.example.ini
index 233e8981cb..16977f609b 100644
--- a/custom/conf/app.example.ini
+++ b/custom/conf/app.example.ini
@@ -51,6 +51,16 @@ RUN_MODE = ; prod
;REDIRECT_OTHER_PORT = false
;PORT_TO_REDIRECT = 80
;;
+;; Minimum and maximum supported TLS versions
+;SSL_MIN_VERSION=TLSv1.2
+;SSL_MAX_VERSION=
+;;
+;; SSL Curve Preferences
+;SSL_CURVE_PREFERENCES=X25519,P256
+;;
+;; SSL Cipher Suites
+;SSL_CIPHER_SUITES=; Will default to "ecdhe_ecdsa_with_aes_256_gcm_sha384,ecdhe_rsa_with_aes_256_gcm_sha384,ecdhe_ecdsa_with_aes_128_gcm_sha256,ecdhe_rsa_with_aes_128_gcm_sha256,ecdhe_ecdsa_with_chacha20_poly1305,ecdhe_rsa_with_chacha20_poly1305" if aes is supported by hardware, otherwise chacha will be first.
+;;
;; Timeout for any write to the connection. (Set to 0 to disable all timeouts.)
;PER_WRITE_TIMEOUT = 30s
;;