This repository was archived by the owner on Apr 26, 2024. It is now read-only.
This repository was archived by the owner on Apr 26, 2024. It is now read-only.
Update Synapse's ciphers & restrict serving to TLS1.2+ #5529
Description
We currently allow AES128-CCM, which isn't a great cipher and isn't in Mozilla's modern suite.
We should also get rid of TLS 1.0 and 1.1, since we require ciphers that basically require a TLS 1.2 compatible TLS stack to talk to.