Hi,
I want to set the TlsCipherList on the clients and servers to a more secure
setting like:
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305
:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
but is I put the parameter in the Client or Director section on the client
instance, nothing changes, in the debug log I see no change to be done to
the TLS settings but i the code I see that if we set a cipher list we
should get a least a debug message:
void TlsOpenSsl::SetCipherList(const std::string& cipherlist)
{
Dmsg1(100, "Set cipherlist:\t<%s>\n", cipherlist.c_str());
d_->cipherlist_ = cipherlist;
}
Filedeamon:
FileDaemon {
Name = "name-fd"
MaximumConcurrentJobs = 20
TlsCipherList = "
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305
:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
}
Does someone know what we are doing wrong?
Regards,
Guy
--
You received this message because you are subscribed to the Google Groups
"bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/bareos-users/762914b4-83f9-4dc1-9de7-8415af911925n%40googlegroups.com.
