upstream/bind9
1
0
Fork 0
mirror of https://github.com/isc-projects/bind9.git synced 2026-03-13 22:22:08 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update the options reference to document 'cipher-suites'

Browse source 
This commit documents the new 'cipher-suites' options of the 'tls'
statement.
This commit is contained in:
Artem Boldariev 2023-12-13 18:14:32 +02:00
parent 3b2b170c0e
commit 0867e2ea30
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
doc/arm/reference.rst
View file

@ -5823,6 +5823,17 @@ The following options can be specified in a :any:`tls` statement:
versions might be specified (e.g.
``protocols { TLSv1.2; TLSv1.3; };``).
.. namedconf:statement:: cipher-suites
:tags: security
:short: Specifies a list of allowed cipher suites in the order of preference for TLSv1.3 only.
Cipher suites list which defines allowed cipher suites, such as
``TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256``.
The string must be formed according to the rules specified in the
OpenSSL documentation (see
https://www.openssl.org/docs/man1.1.1/man1/ciphers.html, section
"TLS v1.3 cipher suites" for details).
.. namedconf:statement:: ciphers
:tags: security
:short: Specifies a list of allowed ciphers in the order of preference for TLSv1.2 only.