infra/ansible-role-dovecot
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable LDAP

Browse source
This commit is contained in:
Morre 2020-07-12 17:13:36 +02:00
parent b6df106387
commit a38390c678
No known key found for this signature in database
GPG key ID: 5D9B9B1B8F424BBC
9 changed files with 127 additions and 45 deletions
Download patch file Download diff file Expand all files Collapse all files

4
templates/10-ssl.conf.j2
View file

@ -16,7 +16,7 @@ ssl_dh = </etc/ssl/dh-4096.pem
# PEM encoded trusted certificate authority. Set this only if you intend to use
# ssl_verify_client_cert=yes. The file should contain the CA certificate(s)
# followed by the matching CRL(s). (e.g. ssl_ca = </etc/ssl/certs/ca.pem)
#ssl_ca =
#ssl_ca =
# Require that CRL check succeeds for client certificates.
#ssl_require_crl = yes
@ -39,7 +39,7 @@ ssl_dh = </etc/ssl/dh-4096.pem
ssl_min_protocol = TLSv1.2
ssl_cipher_list = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl_prefer_server_ciphers = no
ssl_prefer_server_ciphers = yes
# SSL crypto device to use, for valid values run "openssl engine"