diff options
| author | PiBa-NL <pba_2k3@yahoo.com> | 2015-06-20 16:05:29 +0200 |
|---|---|---|
| committer | PiBa-NL <pba_2k3@yahoo.com> | 2015-06-20 16:05:29 +0200 |
| commit | 51aa815ed0a53798ef56899daf5fd21bb8ceef81 (patch) | |
| tree | bbc61f9d7acd08c1dffdc1905a5d26e885ff1551 /config/haproxy-devel/www | |
| parent | 8686fe13f55436b7d2af00b69635009a6cce7666 (diff) | |
| download | pfsense-packages-51aa815ed0a53798ef56899daf5fd21bb8ceef81.tar.gz pfsense-packages-51aa815ed0a53798ef56899daf5fd21bb8ceef81.tar.bz2 pfsense-packages-51aa815ed0a53798ef56899daf5fd21bb8ceef81.zip | |
haproxy-devel, dont send the root CA cert to clients when using ssl-offloading, its not needed.
-cipher example and HSTS textual addition
-another try to include lua for haproxy1.6dev package binary
Diffstat (limited to 'config/haproxy-devel/www')
| -rw-r--r-- | config/haproxy-devel/www/haproxy_listeners_edit.php | 3 | ||||
| -rw-r--r-- | config/haproxy-devel/www/haproxy_pool_edit.php | 2 |
2 files changed, 3 insertions, 2 deletions
diff --git a/config/haproxy-devel/www/haproxy_listeners_edit.php b/config/haproxy-devel/www/haproxy_listeners_edit.php index 5b726d08..6998e099 100644 --- a/config/haproxy-devel/www/haproxy_listeners_edit.php +++ b/config/haproxy-devel/www/haproxy_listeners_edit.php @@ -811,7 +811,8 @@ $primaryfrontends = get_haproxy_frontends($excludefrontend); <input type='text' name='dcertadv' size="64" id='dcertadv' <?if(isset($pconfig['dcertadv'])) echo 'value="'.htmlspecialchars($pconfig['dcertadv']).'"';?> /> <br/> NOTE: Paste additional ssl options(without commas) to include on ssl listening options.<br/> - some options: force-sslv3, force-tlsv10 force-tlsv11 force-tlsv12 no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets + some options: force-sslv3, force-tlsv10 force-tlsv11 force-tlsv12 no-sslv3 no-tlsv10 no-tlsv11 no-tlsv12 no-tls-tickets<br/> + Example: no-sslv3 ciphers EECDH+aRSA+AES:TLSv1+kRSA+AES:TLSv1+kRSA+3DES </td> </tr> <tr class="haproxy_ssloffloading_enabled haproxy_primary"> diff --git a/config/haproxy-devel/www/haproxy_pool_edit.php b/config/haproxy-devel/www/haproxy_pool_edit.php index 5e38b12d..0824e45c 100644 --- a/config/haproxy-devel/www/haproxy_pool_edit.php +++ b/config/haproxy-devel/www/haproxy_pool_edit.php @@ -961,7 +961,7 @@ set by the 'retries' parameter.</div> <td colspan="2" valign="top" class="listtopic">Advanced</td> </tr> <tr class="" align="left" id='Strict-Transport-Security'> - <td width="22%" valign="top" class="vncell">Strict-Transport-Security</td> + <td width="22%" valign="top" class="vncell">HSTS Strict-Transport-Security</td> <td width="78%" class="vtable" colspan="2"> When configured enables "HTTP Strict Transport Security" leave empty to disable. (only used on 'http' frontends)<br/> <b>WARNING! the domain will only work over https with a valid certificate!</b><br/> |