3728
+ − 1 TLS 1.0 and TLS 1.1 are about to be obsolete. This module warns clients
+ − 2 if they are using those versions, to prepare for disabling them.
+ − 3
+ − 4 # Configuration
+ − 5
+ − 6 ``` {.lua}
+ − 7 modules_enabled = {
+ − 8 -- other modules etc
+ − 9 "warn_legacy_tls";
+ − 10 }
+ − 11
+ − 12 -- This is the default, you can leave it out if you don't wish to
+ − 13 -- customise or translate the message sent.
+ − 14 -- '%s' will be replaced with the TLS version in use.
+ − 15 legacy_tls_warning = [[
+ − 16 Your connection is encrypted using the %s protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client.
+ − 17 ]]
+ − 18 ```
+ − 19
+ − 20 ## Options
+ − 21
+ − 22 `legacy_tls_warning`
+ − 23 : A string. The text of the message sent to clients that use outdated
+ − 24 TLS versions. Default as in the above example.
+ − 25
+ − 26 `legacy_tls_versions`
+ − 27 : Set of TLS versions, defaults to
+ − 28 `{ "SSLv3", "TLSv1", "TLSv1.1" }` {.lua}, i.e. TLS \< 1.2.