mirrors/xrdp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

xrdp: deprecate TLSv1 and TLSv1.1

Browse Source 
Most websites disabled TLSv1 (1.0) and TLSv1.1 since March 2018
[1][2][3]. It is HTTPS context but there's few differences between HTTPS
and other TLS connections. Users can whenever re-enable these deprecated
TLS versions by editing xrdp.ini but not enabled by default.

[1] https://www.globalsign.com/en/blog/disable-tls-10-and-all-ssl-versions/
[2] https://www.thesslstore.com/blog/deprecation-tls-1-0-1-1-underway/
[3] https://www.digicert.com/blog/depreciating-tls-1-0-and-1-1/
This commit is contained in:
Koichiro IWAO 2018-09-14 00:41:09 +09:00
parent 1ad8cbb2a0
commit 171f8e79ed
No known key found for this signature in database
GPG Key ID: 9F72CDBC01BF10EB
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
xrdp/xrdp.ini.in
View File

@ -29,7 +29,7 @@ certificate=
key_file=
; set SSL protocols
; can be comma separated list of 'SSLv3', 'TLSv1', 'TLSv1.1', 'TLSv1.2', 'TLSv1.3'
ssl_protocols=TLSv1, TLSv1.1, TLSv1.2, TLSv1.3
ssl_protocols=TLSv1.2, TLSv1.3
; set TLS cipher suites
#tls_ciphers=HIGH