]> arthur.barton.de Git - ngircd-alex.git/blobdiff - man/ngircd.conf.5.tmpl
projects / ngircd-alex.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Cipher list selection for GnuTLS
[ngircd-alex.git] / man / ngircd.conf.5.tmpl
diff --git a/man/ngircd.conf.5.tmpl b/man/ngircd.conf.5.tmpl
index cf926f9a3b80845f1b45715664a66f1709fddb94..862c142403327a0560161e586ec6de8fe854e22a 100644 (file)
--- a/man/ngircd.conf.5.tmpl
+++ b/man/ngircd.conf.5.tmpl
@@ -366,6 +366,15 @@ when it is compiled with support for SSL using OpenSSL or GnuTLS!
 \fBCertFile\fR (string)
 SSL Certificate file of the private server key.
 .TP
+\fBCipherList\fR (string)
+Select cipher suites allowed for SSL/TLS connections. This defaults to the
+empty string, so all supported ciphers are allowed.
+Please see 'man 1ssl ciphers' (OpenSSL) and 'man 3 gnutls_priority_init'
+(GnuTLS) for details.
+For example, this setting allows only "high strength" cipher suites, disables
+the ones without authentication, and sorts by strength:
+"HIGH:!aNULL:@STRENGTH" (OpenSSL), "SECURE128" (GnuTLS).
+.TP
 \fBDHFile\fR (string)
 Name of the Diffie-Hellman Parameter file. Can be created with GnuTLS
 "certtool \-\-generate-dh-params" or "openssl dhparam". If this file is not
Alex' ngIRCd development repository