miracle091/dnscrypt-proxy
miracle091/dnscrypt-proxy
1
0
Fork 0
mirror of https://github.com/DNSCrypt/dnscrypt-proxy.git synced 2024-12-26 00:02:34 +01:00
Code Issues Releases Wiki Activity

Clarify that TLS cipher suites are for TLS 1.2

Browse Source 
Fixes #2377
This commit is contained in:
Frank Denis 2023-04-18 13:15:59 -06:00
parent 5b8e7d4114
commit c66023c7d7
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dnscrypt-proxy/example-dnscrypt-proxy.toml
View File

@ -207,20 +207,18 @@ cert_refresh_delay = 240
# tls_disable_session_tickets = false # tls_disable_session_tickets = false
## DoH: Use a specific cipher suite instead of the server preference ## DoH: Use TLS 1.2 and specific cipher suite instead of the server preference
## 49199 = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ## 49199 = TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
## 49195 = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ## 49195 = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
## 52392 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305 ## 52392 = TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
## 52393 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305 ## 52393 = TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
## 4865 = TLS_AES_128_GCM_SHA256
## 4867 = TLS_CHACHA20_POLY1305_SHA256
## ##
## On non-Intel CPUs such as MIPS routers and ARM systems (Android, Raspberry Pi...), ## On non-Intel CPUs such as MIPS routers and ARM systems (Android, Raspberry Pi...),
## the following suite improves performance. ## the following suite improves performance.
## This may also help on Intel CPUs running 32-bit operating systems. ## This may also help on Intel CPUs running 32-bit operating systems.
## ##
## Keep tls_cipher_suite empty if you have issues fetching sources or ## Keep tls_cipher_suite empty if you have issues fetching sources or
## connecting to some DoH servers. Google and Cloudflare are fine with it. ## connecting to some DoH servers.
# tls_cipher_suite = [52392, 49199] # tls_cipher_suite = [52392, 49199]