AEAD ciphers: Add EECDH+CHACHA20 macro.

This adds the following two ciphers: ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
author: Guilhem Moulin <guilhem@fripost.org> 2020-05-18 04:34:00 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2020-05-18 04:34:17 +0200
commit: 61ba2a2fe12ffd5578429dfe1d354a1c5d16517a (patch)
tree: f6e37d60a9069672b2bc99a591dc34689f881346 /roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
parent: b1808ed6a25beb9b2a746a1d1bed3dd9a459a619 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
index 250eec5..209347f 100644
--- a/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
+++ b/roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
@@ -49,7 +49,7 @@ ssl_dh_parameters_length = 2048
 #ssl_protocols = !SSLv3
 
 # SSL ciphers to use
-ssl_cipher_list = HIGH:!aNULL:!eNULL:!3DES:!MD5:@STRENGTH
+ssl_cipher_list = EECDH+AESGCM:EECDH+CHACHA20!MEDIUM!LOW!EXP!aNULL!eNULL
 
 # Prefer the server's order of ciphers over client's.
 #ssl_prefer_server_ciphers = no
author	Guilhem Moulin <guilhem@fripost.org>	2020-05-18 04:34:00 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2020-05-18 04:34:17 +0200
commit	61ba2a2fe12ffd5578429dfe1d354a1c5d16517a (patch)
tree	f6e37d60a9069672b2bc99a591dc34689f881346 /roles/IMAP/files/etc/dovecot/conf.d/10-ssl.conf
parent	b1808ed6a25beb9b2a746a1d1bed3dd9a459a619 (diff)