Unbound 1.9 tls-ciphers Settings

Chris Public2 at xymox1.com
Tue Feb 19 13:57:44 UTC 2019


So I would ! for all TLS 1.2 strings ? Leaving only the TLS1.3 suites ?

Maybe a example config line would be good please. Sorry this is more 
OpenSSL and off topic a bit.


On 2/19/2019 5:54 AM, Chris via Unbound-users wrote:
> Hmm.. I am unclear..
>
> Would I disallow all TLS1.2 to allow only TLS1.3 ?
>
> On 2/19/2019 5:15 AM, A. Schulze via Unbound-users wrote:
>>
>> John via Unbound-users:
>>
>>>> tls-ciphers: <string with cipher list>
>>
>> assumed unbound is compiled/linked with openssl, then it's the usual 
>> openssl cipher selection 'language'
>> see "man ciphers" or 
>> https://www.openssl.org/docs/manmaster/man1/ciphers.html
>>
>> Andreas
>>
>>
> -------- Forwarded Message --------
> Subject: 	Unbound 1.9 tls-ciphers Settings
> Date: 	Tue, 19 Feb 2019 06:37:41 +0100
> From: 	John via Unbound-users <unbound-users at nlnetlabs.nl>
> Reply-To: 	John <unbound at 2020.temporarily.de>
> To: 	unbound-users at nlnetlabs.nl
>
>
>
> Hello Unbound List
>
> Since this relaease 1.9. is it possible, to make settings for
> tls-ciphers
> tls-ciphersuites
> tls-session-ticket-keys
>
> Unfortunately nowhere is written which values can be used
> In https://nlnetlabs.nl/documentation/unbound/unbound.conf/
> is only written
>> tls-ciphers: <string with cipher list>
>
> If I wants to set i.e. only TLS 1.3 how have I to write it
> tls-ciphers: tls-1.3
> or have I to use tls-ciphersuites?
>
> Maybe someone can tell me about the values which I can use?
>
> Regards
> John

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.nlnetlabs.nl/pipermail/unbound-users/attachments/20190219/23dc4a1f/attachment.htm>


More information about the Unbound-users mailing list