Mercurial > hg > orthanc
comparison OrthancServer/Resources/Configuration.json @ 5638:4535194cbb8a
document TLS 1.3 in SslMinimumProtocolVersion
author | Alain Mazy <am@orthanc.team> |
---|---|
date | Wed, 22 May 2024 16:06:30 +0200 |
parents | 68e9f7815fb8 |
children | 95e282478cda |
comparison
equal
deleted
inserted
replaced
5637:7043e646fc0d | 5638:4535194cbb8a |
---|---|
223 // must be stored in the PEM format, and must contain both the | 223 // must be stored in the PEM format, and must contain both the |
224 // certificate and the private key. This option is only meaningful | 224 // certificate and the private key. This option is only meaningful |
225 // if "SslEnabled" is true. | 225 // if "SslEnabled" is true. |
226 "SslCertificate" : "certificate.pem", | 226 "SslCertificate" : "certificate.pem", |
227 | 227 |
228 // Sets the minimum accepted SSL protocol version | 228 // Sets the minimum accepted SSL protocol version for the HTTP server |
229 // (cf. "ssl_protocol_version" option of civetweb). By default, | 229 // (cf. "ssl_protocol_version" option of civetweb). By default, |
230 // require SSL 1.2. This option is only meaningful if "SslEnabled" | 230 // require TLS 1.2 or 1.3. This option is only meaningful if "SslEnabled" |
231 // is true. (new in Orthanc 1.8.2) | 231 // is true. (new in Orthanc 1.8.2) |
232 // | 232 // |
233 // Value => Protocols | 233 // Value => Protocols |
234 // 0 SSL2+SSL3+TLS1.0+TLS1.1+TLS1.2 | 234 // 0 SSL2+SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 |
235 // 1 SSL3+TLS1.0+TLS1.1+TLS1.2 | 235 // 1 SSL3+TLS1.0+TLS1.1+TLS1.2+TLS1.3 |
236 // 2 TLS1.0+TLS1.1+TLS1.2 | 236 // 2 TLS1.0+TLS1.1+TLS1.2+TLS1.3 |
237 // 3 TLS1.1+TLS1.2 | 237 // 3 TLS1.1+TLS1.2+TLS1.3 |
238 // 4 TLS1.2 | 238 // 4 TLS1.2+TLS1.3 |
239 // 5 TLS1.3 | |
239 "SslMinimumProtocolVersion" : 4, | 240 "SslMinimumProtocolVersion" : 4, |
240 | 241 |
241 // Set the accepted ciphers for SSL connections. The ciphers must be | 242 // Set the accepted ciphers for SSL connections for the HTTP server. |
242 // provided as a list of strings. If not set, this will default to | 243 // The ciphers must be provided as a list of strings. If not set, |
243 // FIPS 140-2 ciphers. This option is only meaningful if | 244 // this will default to FIPS 140-2 ciphers. This option is only |
244 // "SslEnabled" is true. (new in Orthanc 1.8.2) | 245 // meaningful if "SslEnabled" is true. (new in Orthanc 1.8.2) |
245 /** | 246 /** |
246 "SslCiphersAccepted" : [ "AES128-GCM-SHA256" ], | 247 "SslCiphersAccepted" : [ "AES128-GCM-SHA256" ], |
247 **/ | 248 **/ |
248 | 249 |
249 // Whether or not peer client certificates shall be checked. This | 250 // Whether or not peer client certificates shall be checked. This |