Thanks for the series! tried each of the option (and verified with `sslscan localhost:8006`)
2 minor cosmetic nits (mentioned as replies to the individual patches) with and without them LGTM: Tested-by: Stoiko Ivanov <s.iva...@proxmox.com> Reviewed-by: Stoiko Ivanov <s.iva...@proxmox.com> On Fri, 17 Dec 2021 13:57:26 +0100 Fabian Grünbichler <f.gruenbich...@proxmox.com> wrote: > this series adds the following options to /etc/default/$proxy, and > corresponding handling in pveproxy/pmgproxy/api-server: > > - TLS 1.3 ciphersuites (these are different to < 1.3 cipher lists) > - disable TLS 1.2 / disable TLS 1.3 option (rest are disabled by default > anyway) > - alternative location for pveproxy-ssl.key outside of /etc/pve (PVE > only) > > while not strictly required, it probably makes sense to add a/bump the > versioned dep from pve-manager/pmg-api to patched > libpve-http-server-perl - nothing should break, but the new options are > only handled if both packages are updated. > > > _______________________________________________ > pve-devel mailing list > pve-devel@lists.proxmox.com > https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel > > _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
