Use system-crypto-policies by default.
Cyrus places the cipher list under control of the administrator. Make the default configuration use the system crypto policies. Resolves https://bugzilla.redhat.com/show_bug.cgi?id=1179212
This commit is contained in:
Jason Tibbitts
parent
c0a5476798
commit
f7c566fb48
22
cyrus-imapd.imap-2.5.x-conf
Normal file
22
cyrus-imapd.imap-2.5.x-conf
Normal file
@ -0,0 +1,22 @@
|
||||
configdirectory: /var/lib/imap
|
||||
partition-default: /var/spool/imap
|
||||
admins: cyrus
|
||||
sievedir: /var/lib/imap/sieve
|
||||
sendmail: /usr/sbin/sendmail
|
||||
hashimapspool: true
|
||||
sasl_pwcheck_method: saslauthd
|
||||
sasl_mech_list: PLAIN LOGIN
|
||||
allowplaintext: no
|
||||
defaultdomain: mail
|
||||
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
|
||||
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
|
||||
tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt
|
||||
|
||||
# Support system-wide crypto policy
|
||||
# https://fedoraproject.org/wiki/Packaging:CryptoPolicies
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1179212
|
||||
# Comment out the below line to revert to the compiled-in default of "DEFAULT".
|
||||
tls_ciphers: PROFILE=SYSTEM
|
||||
|
||||
# uncomment this if you're operating in a DSCP environment (RFC-4594)
|
||||
# qosmarking: af13
|
||||
Loading…
Reference in New Issue
Block a user