Browse Source

docs: warn about TLSv1 / TLSv1.1 being available only on debian

Nicolas Duchon 8 tháng trước cách đây
mục cha
commit
ac0a4ca826
1 tập tin đã thay đổi với 2 bổ sung1 xóa
  1. 2 1
      docs/README.md

+ 2 - 1
docs/README.md

@@ -480,6 +480,7 @@ Complete list of policies available through the `SSL_POLICY` environment variabl
       <a href="https://wiki.mozilla.org/Security/Server_Side_TLS#Old_backward_compatibility" target="_blank">
         <code>Mozilla-Old</code>
       </a>
+      (this policy should use a 1024 bits DH key for compatibility but this container provides a 4096 bits key. The <a href="#diffie-hellman-groups">Diffie-Hellman Groups</a> section details different methods of bypassing this, either globally or per virtual-host.)
     </li>
   </ul>
 </details>
@@ -562,7 +563,7 @@ Complete list of policies available through the `SSL_POLICY` environment variabl
 </details>
 </br>
 
-Note that the `Mozilla-Old` policy should use a 1024 bits DH key for compatibility but this container provides a 4096 bits key. The [Diffie-Hellman Groups](#diffie-hellman-groups) section details different methods of bypassing this, either globally or per virtual-host.
+:warning: Please note that TLSv1 and TLSv1.1 are only available on the debian based image due to the way OpenSSL is configured on upstream Alpine images.
 
 The default behavior for the proxy when port 80 and 443 are exposed is as follows: