Dovecot Option PROFILE=SYSTEM
Folks
In examining the file
/etc/dovecot/conf.d/10-ssl.conf I see the text line:
ssl_cipher_list = PROFILE=SYSTEM
Yet, I cannot find any documentation that explains what that causes, where the values are stored. I ask because I don’t see that text line in other installations of Dovecot 2.3 on other distros. Can anyone point me to an explanation?
David
4 thoughts on - Dovecot Option PROFILE=SYSTEM
–The value of ssl_cipher_list is passed directly to OpenSSL’s SSL_CTX_set_cipher_list():
<https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_cipher_list.html>
See here for the meaning of PROFILE=SYSTEM:
<https://fedoraproject.org/wiki/Changes/CryptoPolicy#Scope>
Additionally, on your local system, look at
* the crypto-policies(7) man page
* the update-crypto-policies(8) man page
* the contents of the /etc/crypto-policies directory tree
Several applications use these policies, so it’s worthwhile to take a look around.
At 07:04 AM 1/6/2021, Paul Heinlein wrote:
Thanks for the guidance
David
–I suggest opening an enhancement request on Bugzilla.
<https://bugzilla.redhat.com/>