This patch adds curves to use with TLS_ECDHE_* ciphers
They will automatically be used be the proxy as they are
in the HIGH ciphersuite.
This patch uses the prime256v1 curve, which should be supported
by most clients. openssl 1.0.1 only supports a single curve.
This also forces the use of new DHE
On Wed, Nov 02, 2016 at 03:15:00PM +0100, Jos Ewert wrote:
> Hi,
>
> Thanks for your help.
>
> I have a few more questions and comments:
>
> > OpenSSL API methods, which are at least fairly easy to grasp in
> > the OpenSSL code base (although the whole ECDH subsystem seems to be
> > rather und
On Mon, Oct 31, 2016 at 07:16:41PM +0100, Jos Ewert wrote:
> The TLS_ECDHE_* ciphers will automatically be used be the proxy
> as they are in the HIGH ciphersuite.
> ---
> PVE/HTTPServer.pm | 7 +++
> 1 file changed, 7 insertions(+)
>
> diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
> ind
The TLS_ECDHE_* ciphers will automatically be used be the proxy
as they are in the HIGH ciphersuite.
---
PVE/HTTPServer.pm | 7 +++
1 file changed, 7 insertions(+)
diff --git a/PVE/HTTPServer.pm b/PVE/HTTPServer.pm
index 1e27bba..e38542b 100755
--- a/PVE/HTTPServer.pm
+++ b/PVE/HTTPServer.pm
