</term>
<listitem>
<para>
- Specifies a list of <acronym>SSL</> cipher suites that are allowed to be
- used on secure connections. See
- the <citerefentry><refentrytitle>ciphers</></citerefentry> manual page
- in the <application>OpenSSL</> package for the syntax of this setting
- and a list of supported values.
- This parameter can only be set in the <filename>postgresql.conf</>
- file or on the server command line.
- The default value is <literal>HIGH:MEDIUM:+3DES:!aNULL</>. The
- default is usually a reasonable choice unless you have specific
- security requirements.
+ Specifies a list of <acronym>SSL</> cipher suites that are
+ allowed to be used by SSL connections. See the
+ <citerefentry><refentrytitle>ciphers</></citerefentry>
+ manual page in the <application>OpenSSL</> package for the
+ syntax of this setting and a list of supported values. Only
+ connections using TLS version 1.2 and lower are affected. There is
+ currently no setting that controls the cipher choices used by TLS
+ version 1.3 connections. The default value is
+ <literal>HIGH:MEDIUM:+3DES:!aNULL</>. The default is usually a
+ reasonable choice unless you have specific security requirements.
+ </para>
+
+ <para>
+ This parameter can only be set in the
+ <filename>postgresql.conf</> file or on the server command
+ line.
</para>
<para>
projects / postgresql-pgindent.git / commitdiff