cipher-suite("TLSv1.2:!aNULL")
cipher-suite("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384")
In syslog-ng PE 7 ssl-options() is introduced, which currently, can disable specific protocol versions.
The best solution is combing with cipher-suite() option.
cipher-suite("ALL:!aNULL")
ssl-options(no-sslv2, no-sslv3, no-tlsv1, no-tlsv11)
cipher-suite("ECDHE:!aNULL")
ssl-options(no-sslv2, no-sslv3, no-tlsv1, no-tlsv11)
© 2021 One Identity LLC. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy