hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed support for SSLv3

Browse Source 
SSLv3 can't be considered safe anymore so removing the support for it improves
MaxScale's security as a whole.
This commit is contained in:
Markus Makela
2016-03-08 15:22:35 +02:00
parent 18a3aa5e33
commit 60724172a4
3 changed files with 3 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
Documentation/Getting-Started/Configuration-Guide.md
View File

@ -629,12 +629,13 @@ A string giving a file path that identifies an existing readable file. The file
#### `ssl_version`
This parameter controls the level of encryption used. Accepted values are:
* SSLv3
* TLSv10
* TLSv11
* TLSv12
* MAX
`MAX` is the maximum available TLS version which at the time of writing is TLSv1.2.
#### `ssl_cert_verification_depth`
The maximum length of the certificate authority chain that will be accepted. Legal values are positive integers. Note that if the client is to submit an SSL certificate, the `ssl_cert_verification_depth` parameter must not be 0. If no value is specified, the default is 9.