| ... |
... |
@@ -121,13 +121,13 @@ |
| 121 |
121 |
{{/velocity}} |
| 122 |
122 |
Das folgende Beispiel ist keine Sicherheitsempfehlung. Es dient lediglich zur Veranschaulichung, wie eine Konfiguration aussehen könnte: |
| 123 |
123 |
|
| 124 |
|
-{{code}} |
|
124 |
+{{code language="xml"}} |
| 125 |
125 |
<Connector port="443" protocol="HTTP/1.1" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" |
| 126 |
126 |
URIEncoding="UTF-8" |
| 127 |
127 |
maxHttpHeaderSize="65536" |
| 128 |
128 |
maxPostSize="10485760" |
| 129 |
129 |
relaxedQueryChars="[ \ ] ^ ` { | }"> |
| 130 |
|
- <SSLHostConfig protocols="TLSv1.2+TLSv1.3"> |
|
130 |
+ <SSLHostConfig protocols="TLSv1.2+TLSv1.3" ciphers="TLS_AES_128_GCM_SHA256,TLS_AES_256_GCM_SHA384,TLS_CHACHA20_POLY1305_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CCM,TLS_DHE_RSA_WITH_AES_128_CCM_8,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_CCM,TLS_DHE_RSA_WITH_AES_256_CCM_8,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256"> |
| 131 |
131 |
<Certificate certificateKeyFile="conf/private.key" |
| 132 |
132 |
certificateFile="conf/zertifikat.crt" |
| 133 |
133 |
certificateChainFile="conf/CHAIN.pem" |
