diff OrthancFramework/Sources/HttpServer/HttpServer.cpp @ 4381:df313e410f0c varian

Add support to configure minimum accepted TLS version and cipher suite
author Andrew Wallis <andrew.wallis@varian.com>>
date Fri, 11 Dec 2020 11:59:10 -0500
parents e1e918e790e8
children 3aacd2bd8bbc
--- a/OrthancFramework/Sources/HttpServer/HttpServer.cpp	Thu Dec 17 12:48:14 2020 +0100
+++ b/OrthancFramework/Sources/HttpServer/HttpServer.cpp	Fri Dec 11 11:59:10 2020 -0500
@@ -1631,9 +1631,16 @@
         options.push_back("ssl_ca_file");
         options.push_back(trustedClientCertificates_.c_str());
       }
-
       if (ssl_)
       {
+        // Restrict minimum SSL/TLS protocol version
+        options.push_back("ssl_protocol_version");
+        options.push_back(sslMinimumVersion_.c_str());
+
+        // Set the accepted ciphers list
+        options.push_back("ssl_cipher_list");
+        options.push_back(sslCiphers_.c_str());
+
         // Set the SSL certificate, if any
         options.push_back("ssl_certificate");
         options.push_back(certificate_.c_str());
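Review bot: Both new options are pushed whenever `ssl_` is set, even if `sslMinimumVersion_` or `sslCiphers_` is still empty. The constructor is outside this hunk, so it is not visible whether these members get a safe default. If the embedded server parses the version numerically, an empty string would probably be read as 0, which is likely its most permissive protocol setting, and an empty cipher list may be rejected by the TLS library; confirm both against the bundled version. Guard each pair, e.g. `if (!sslCiphers_.empty())` before the `ssl_cipher_list` push, or initialise both members to a hardened default in the constructor. The enclosing function starts and ends outside the hunk.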
@@ -1783,6 +1790,18 @@
 #endif
   }
 
+  void HttpServer::SetSslMinimumVersion(std::string version)
+  {
+    Stop();
+    sslMinimumVersion_ = std::move(version);
+  }
+
+  void HttpServer::SetSslCiphers(std::string ciphers)
+  {
+    Stop();
+    sslCiphers_ = std::move(ciphers);
+  }
+
   void HttpServer::SetKeepAliveEnabled(bool enabled)
   {
     Stop();
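Review bot: `SetSslMinimumVersion` and `SetSslCiphers` store whatever string they are given, so a mistyped configuration value is not reported until the embedded server parses it at start-up, and it may then be silently interpreted as a weaker setting. Validate in the setter and throw on bad input, for instance `if (version.empty() || version.find_first_not_of("0123456789") != std::string::npos)` followed by the framework's usual parameter exception. A doc comment on each setter stating the accepted values, plus a log line with the effective minimum version and cipher list at start, would let operators audit what the server actually negotiates.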