- # Select cipher suites allowed for SSL/TLS connections (OpenSSL only).
- # This defaults to the empty string, so all supported ciphers are
- # allowed. Please see 'man 1ssl ciphers' for details.
- # The example below only allows "high strength" cipher suites, disables
- # the ones without authentication, and sorts by strength:
- ;CipherList = HIGH:!aNULL:@STRENGTH
+ # Select cipher suites allowed for SSL/TLS connections. This defaults
+ # to HIGH:!aNULL:@STRENGTH (OpenSSL) or SECURE128 (GnuTLS).
+ # See 'man 1ssl ciphers' (OpenSSL) or 'man 3 gnutls_priority_init'
+ # (GnuTLS) for details.
+ # For OpenSSL:
+ ;CipherList = HIGH:!aNULL:@STRENGTH:!SSLv3
+ # For GnuTLS:
+ ;CipherList = SECURE128:-VERS-SSL3.0