summaryrefslogtreecommitdiff
path: root/ejabberd/defs.yml
diff options
context:
space:
mode:
Diffstat (limited to 'ejabberd/defs.yml')
-rw-r--r--ejabberd/defs.yml16
1 files changed, 16 insertions, 0 deletions
diff --git a/ejabberd/defs.yml b/ejabberd/defs.yml
new file mode 100644
index 0000000..aeb08f9
--- /dev/null
+++ b/ejabberd/defs.yml
@@ -0,0 +1,16 @@
+# Origin: https://github.com/jabber-at/config
+# Origin: https://gitlab.com/hanno/ejabberd-config
+
+# The default ciphers-setting is found here:
+# https://github.com/processone/tls/blob/master/c_src/p1_tls_drv.c
+# We use the default and exclude a few additional ciphers classified as weak
+# by xmpp.net.
+define_macro:
+ 'TLS_OPTIONS':
+ - "no_sslv2"
+ - "no_sslv3"
+ - "no_tlsv1"
+ 'TLS_CIPHERS': "ECDH:DH:!CAMELLIA128:!3DES:!MD5:!RC4:!aNULL:!NULL:!EXPORT:!LOW:!MEDIUM"
+ #'TLS_CIPHERS': "HIGH:!MEDIUM:!LOW:!3DES:!CAMELLIA:!aNULL:!RSA@STRENGTH"
+ #'TLS_CIPHERS': "HIGH:!3DES:!aNULL:!SSLv2:@STRENGTH"
+ CERT_PATH: "/etc/ejabberd/ejabberd.pem"