Advanced TLS Options
The table below lists other arguments that you can add to a bind
line when configuring TLS offloading.
Argument | Description |
---|---|
| Sets the list of TLS encryption ciphers to use, separated by colons, in order of preference. Fallback algorithms go at the end of the list. HAProxy ALOHA will choose the first cipher that the client also supports. Use this argument only for SSL and TLS versions up to TLS version 1.2. For TLS version 1.3 and newer, use Sets the list of preferred ciphers.
|
| Sets the list of TLS encryption ciphers to use, separated by colons, in order of preference. Fallback algorithms go at the end of the list. HAProxy ALOHA will choose the first cipher that the client also supports. Use this argument for TLS version 1.3 and newer. For older versions of SSL and TLS, use Sets the list of preferred ciphers.
|
| Sets the maximum version of SSL or TLS to use. Client will not be able to use versions newer than that. Values:
Enforce TLS version 1.2 as the newest accepted version.
|
| Sets the minimum version of SSL or TLS to use. Clients will not be able to use versions older than that. Values:
Enforce TLS version 1.2 as the oldest accepted version.
|
Next up
Web Application Firewall