From 870dcd4f537565c418458776aef70593ffa5ec19 Mon Sep 17 00:00:00 2001
From: jack <jack.su@pollex.com.tw>
Date: 星期二, 29 八月 2023 11:34:20 +0800
Subject: [PATCH] [UPDATE] 解決滲透TLS問題 [UPDATE] 解決CSRF問題

---
 pamapi/src/main/resources/config/application-tls.yml |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletions(-)

diff --git a/pamapi/src/main/resources/config/application-tls.yml b/pamapi/src/main/resources/config/application-tls.yml
index 039f6f4..f160d2d 100644
--- a/pamapi/src/main/resources/config/application-tls.yml
+++ b/pamapi/src/main/resources/config/application-tls.yml
@@ -13,7 +13,11 @@
     key-store-password: password
     key-store-type: PKCS12
     key-alias: selfsigned
-    ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
+    ciphers: 
+    	- TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+    	- TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+    	- TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+    	- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
     enabled-protocols: TLSv1.2
   http2:
     enabled: true

--
Gitblit v1.8.0