[pve-devel] [PATCH] pveproxy: enable TSLv1

Wolfgang Link w.link at proxmox.com
Tue Feb 3 13:17:54 CET 2015


this is necessary for IE communication

Signed-off-by: Wolfgang Link <w.link at proxmox.com>
---
 bin/pveproxy |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/bin/pveproxy b/bin/pveproxy
index a9b6f1c..a254f08 100755
--- a/bin/pveproxy
+++ b/bin/pveproxy
@@ -107,8 +107,10 @@ sub init {
 	ssl => {
 	    # Note: older versions are considered insecure, for example
 	    # search for "Poodle"-Attac
+	    method => TLSv1,
 	    sslv2 => 0,
-	    sslv3 => 0,	    
+	    sslv3 => 0,
+	    verify => 1,
 	    cipher_list => $proxyconf->{CIPHERS} || 'HIGH:MEDIUM:!aNULL:!MD5',
 	    key_file => '/etc/pve/local/pve-ssl.key',
 	    cert_file => '/etc/pve/local/pve-ssl.pem',
-- 
1.7.10.4





More information about the pve-devel mailing list