TLS configuration
A. Schulze
sca at andreasschulze.de
Sun Nov 18 21:25:38 UTC 2018
Am 18.11.18 um 21:55 schrieb nusenu via Unbound-users:
> is there a way to configure TLS versions and ciphers
> for server and client role of DNS-over-TLS?
not by configuration (as far as I know).
If you compile unbound you may adjust
https://github.com/NLnetLabs/unbound/blob/master/util/net_help.c#L706
to disable some ciphers
or even repeat https://github.com/NLnetLabs/unbound/blob/master/util/net_help.c#L696
to envorce TLS1.3 only if available at compile time.
depend on your goals
Andeas
More information about the Unbound-users
mailing list