From 05a9e03d5392103e2e17b0d3da58532ef5b3f671 Mon Sep 17 00:00:00 2001
From: Mathieu Pasquet <mathieui@mathieui.net>
Date: Wed, 15 Jan 2014 18:28:23 +0100
Subject: Add a configurable way of setting cipher suites

And put reasonable defaults
---
 doc/source/configuration.rst | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'doc/source/configuration.rst')

diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
index 7a48a286..b584359b 100644
--- a/doc/source/configuration.rst
+++ b/doc/source/configuration.rst
@@ -111,6 +111,14 @@ section of this documentation.
         The fingerprint of the SSL certificate as a hexadecimal string, you should
         not touch it, except if know what you are doing.
 
+    ciphers
+
+        **Default value:** ``HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL``
+
+        The TLS cipher suites allowed, in `OpenSSL format`_. Modify this if
+        you know what you are doing, see the :ref:`ciphers` dedicated section
+        for more details.
+
     connection_check_interval
 
         **Default value:** ``60``
@@ -942,3 +950,5 @@ found.
         Only for MUC tabs: if true the tab will change its color to notify you when a new message is received.
         You will still be notified of highlights.  Set to ``false`` if you’re not interested in a room non-highlight notifications.
 
+
+.. _OpenSSL format: https://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT
-- 
cgit v1.2.3