in src/js/helpers/haproxy.js [9:36]
function haproxy_ssl_default_opts (tag) {
var conf =
(minver("2.9.0", form.serverVersion) || tag === 'bind'
?
' ssl-default-'+tag+'-curves '+output.tlsCurves.join(':')+'\n'
: '')+
(output.ciphers.length
?
' ssl-default-'+tag+'-ciphers '+output.ciphers.join(':')+'\n'
: '')+
(minver("1.9.0", form.serverVersion) && minver("1.1.1", form.opensslVersion)
?
' ssl-default-'+tag+'-ciphersuites '+output.cipherSuites.join(':')+'\n'
: '')+
' ssl-default-'+tag+'-options'+
(minver("1.8.0", form.serverVersion) && !output.serverPreferredOrder && tag === 'bind'
? ' prefer-client-ciphers'
: '')+
(minver("2.2.0", form.serverVersion)
? ' ssl-min-ver '+(output.protocols[0] == 'TLSv1' ? 'TLSv1.0' : output.protocols[0])
: (!output.protocols.includes('SSLv3') ? ' no-sslv3' : '')+
(!output.protocols.includes('TLSv1') ? ' no-tlsv10' : '')+
(!output.protocols.includes('TLSv1.1') ? ' no-tlsv11' : '')+
(!output.protocols.includes('TLSv1.2') ? ' no-tlsv12' : ''))+
' no-tls-tickets\n'+
'\n';
return conf;
}