Update the tlv1 faq to indicate that a full config rewrite is required

master
kaiyou 5 years ago
parent 869f230e0d
commit 450be78898

@ -475,15 +475,18 @@ In any case, using a dedicated DNS server will improve the performance of your m
Is there a way to support more (older) ciphers? Is there a way to support more (older) ciphers?
``````````````````````````````````````````````` ```````````````````````````````````````````````
See `How can I override settings?`_ . You will need to rewrite the `tls.conf` template of the `front` container in `core/nginx`.
You will need to add the protocols you wish to support in an override for the ``front`` container (Nginx).
You can set the protocols as follow:
.. code-block:: bash .. code-block:: bash
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers <list of ciphers>; ssl_ciphers <list of ciphers>;
We **strongly** advice against downgrading the TLS version and ciphers! After applying the change, you will need to rebuild the image and use it in your deployment.
We **strongly** advice against downgrading the TLS version and ciphers, please upgrade your client instead! We will not support a more standard way of setting this up.
*Issue reference:* `363`_, `698`_. *Issue reference:* `363`_, `698`_.

Loading…
Cancel
Save