Disable support for TLS 1.0 and TLS 1.1

These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
This commit is contained in:
sakkiii 2021-04-15 19:25:23 +05:30 committed by GitHub
parent ed3c9ccbd2
commit 540416e32d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -16,6 +16,8 @@ no-cli
{% if matrix_coturn_tls_enabled %} {% if matrix_coturn_tls_enabled %}
cert={{ matrix_coturn_tls_cert_path }} cert={{ matrix_coturn_tls_cert_path }}
pkey={{ matrix_coturn_tls_key_path }} pkey={{ matrix_coturn_tls_key_path }}
no-tlsv1
no-tlsv1_1
{% else %} {% else %}
no-tls no-tls
no-dtls no-dtls