Revision control
Copy as Markdown
Other Tools
allow_tls12 = true
allow_tls13 = true
allow_dtls12 = true
allow_ssl_key_log_file = false
ciphers = AES-256/GCM AES-128/GCM ChaCha20Poly1305
macs = AEAD SHA-256 SHA-384 SHA-1
signature_hashes = SHA-512 SHA-384 SHA-256
signature_methods = ECDSA RSA
key_exchange_methods = ECDH DH
key_exchange_groups = x25519 secp256r1 x25519/ML-KEM-768 secp256r1/ML-KEM-768 secp384r1/ML-KEM-1024 x448 secp384r1 secp521r1 brainpool256r1 brainpool384r1 brainpool512r1 ffdhe/ietf/2048 ffdhe/ietf/3072
allow_insecure_renegotiation = false
include_time_in_hello_random = true
allow_server_initiated_renegotiation = false
hide_unknown_users = false
server_uses_own_ciphersuite_preferences = true
negotiate_encrypt_then_mac = true
support_cert_status_message = true
tls_13_middlebox_compatibility_mode = true
accepted_client_certificate_types = X509
accepted_server_certificate_types = X509
hash_hello_random = true
maximum_session_tickets_per_client_hello = 1
session_ticket_lifetime = 86400
reuse_session_tickets = false
new_session_tickets_upon_handshake_success = 1
minimum_dh_group_size = 2048
minimum_ecdh_group_size = 255
minimum_rsa_bits = 2048
minimum_signature_strength = 110