Specify tls cipher suites

Co-authored-by: Mridul Seth <mail@mriduls.com>
2025-12-18 21:54:05 +08:00 · 2023-05-16 21:12:10 +02:00
parent 59648b79d4
commit aee707c68c
1 changed files with 8 additions and 1 deletions
--- a/tljh/traefik-dynamic.toml.tpl
+++ b/tljh/traefik-dynamic.toml.tpl
@@ -4,7 +4,14 @@
 [tls]
  [tls.options.default]
  minVersion = "VersionTLS12"
-
+  cipherSuites = [
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
  ]
  {% if https['tls']['cert'] -%}
  [tls.stores.default.defaultCertificate]
    certFile = "{{ https['tls']['cert'] }}"