[stunnel-users] dhparam and others
mlrx
stunnel.org at 18informatique.com
Sat Mar 2 15:49:45 CET 2019
Hello,
This is my first run with stunnel.
I have unbound and stunnel on openBSD to do DNS-over-TLS
and it works (fine).
I want now to enforce TLS security so I added the following
options:
sslVersion = TLSv1.2
options = CIPHER_SERVER_PREFERENCE
ciphers = [list]
curve = [name]
When it will be ready to production, I will add:
verify = 3
CA*
OCSP*
For now, I don't find any information about using dhparam file.
Something like SSLOpenSSLConfCmd DHParameters "/path/to/file.pem"
in Apache.
How can I do it possible? Could you point me some informations or
the path to do it please?
Could you confirm that I can't use TLS1.3 for now in stunnel?
May be you could have some security advices ?
Best regards,
--
mlrx
More information about the stunnel-users
mailing list