Line 94: |
Line 94: |
| <tr> | | <tr> |
| <td>Encryption</td> | | <td>Encryption</td> |
− | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | BF-CBC 128 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-40CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64| AES-128-CBC 128 | AES-192-CBC 192 | AES-256-CBC 256 | none; default: <b>BF-CBC 128</b></td> | + | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64 | AES-128-CFB 128 | AES-128-CFB1 128 | AES-128-CFB8 128 | AES-128-OFB 128 | AES-128-CBC 128 | AES-128-GCM 128 | AES-192-CFB 192 | AES-192-CFB1 192 | AES-192-CFB8 192 | AES-192-OFB 192 | AES-192-CBC 192 | AES-192-GCM 192 | AES-256-CFB 256 | AES-256-CFB1 256 | AES-256-CFB8 256 | AES-256-OFB 256 | AES-256-CBC 256 | AES-256-GCM 256 | none ; default: <b>BF-CBC 128</b></td> |
| <td>Algorithm used for packet encryption.</td> | | <td>Algorithm used for packet encryption.</td> |
| </tr> | | </tr> |
Line 161: |
Line 161: |
| <td>yes | no; default: <b>no</b></td> | | <td>yes | no; default: <b>no</b></td> |
| <td>Use PKCS #12 archive file format to bundle all the members of a chain of trust.</td> | | <td>Use PKCS #12 archive file format to bundle all the members of a chain of trust.</td> |
| + | </tr> |
| + | <tr> |
| + | <td>PKCS #12 passphrase</td> |
| + | <td>string; default: <b>none</b></td> |
| + | <td>Passphrase to decrypt PKCS #12 certificates.</td> |
| + | </tr> |
| + | <tr> |
| + | <td>PKCS #12 certificate chain</td> |
| + | <td>string; default: <b>none</b></td> |
| + | <tds.>Uploads PKCS #12 certificate chain file.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |
Line 169: |
Line 179: |
| <tr> | | <tr> |
| <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span> Additional HMAC authentication</td> | | <td><span style="color: red;">TLS</span>/<span style="color: #0054a6;">Password:</span> Additional HMAC authentication</td> |
− | <td>yes | no; default: <b>no</b></td> | + | <td>none | Authentication only (tls-auth) | Authentication and encryption (tls-crypt); default: <b>none</b></td> |
| <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks.</td> | | <td>An additional layer of HMAC authentication on top of the TLS control channel to protect against DoS attacks.</td> |
| </tr> | | </tr> |
Line 296: |
Line 306: |
| <tr> | | <tr> |
| <td>Encryption</td> | | <td>Encryption</td> |
− | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | BF-CBC 128 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-40CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64| AES-128-CBC 128 | AES-192-CBC 192 | AES-256-CBC 256 | none; default: <b>BF-CBC 128</b></td> | + | <td>DES-CBC 64 | RC2-CBC 128 | DES-EDE-CBC 128 | DES-EDE3-CBC 192 | DESX-CBC 192 | RC2-40-CBC 40 | CAST5-CBC 128 | RC2-64-CBC 64 | AES-128-CFB 128 | AES-128-CFB1 128 | AES-128-CFB8 128 | AES-128-OFB 128 | AES-128-CBC 128 | AES-128-GCM 128 | AES-192-CFB 192 | AES-192-CFB1 192 | AES-192-CFB8 192 | AES-192-OFB 192 | AES-192-CBC 192 | AES-192-GCM 192 | AES-256-CFB 256 | AES-256-CFB1 256 | AES-256-CFB8 256 | AES-256-OFB 256 | AES-256-CBC 256 | AES-256-GCM 256 | none ; default: <b>BF-CBC 128</b></td> |
| <td>Algorithm used for packet encryption.</td> | | <td>Algorithm used for packet encryption.</td> |
| </tr> | | </tr> |
Line 359: |
Line 369: |
| <td>When enabled allows multiple clients to connect using the same certificates.</td> | | <td>When enabled allows multiple clients to connect using the same certificates.</td> |
| </tr> | | </tr> |
− | <tr>
| + | <tr> |
| <td>Use PKCS #12 format</td> | | <td>Use PKCS #12 format</td> |
| <td>yes | no; default: <b>no</b></td> | | <td>yes | no; default: <b>no</b></td> |
| <td>Use PKCS #12 archive file format to bundle all the members of a chain of trust.</td> | | <td>Use PKCS #12 archive file format to bundle all the members of a chain of trust.</td> |
| + | </tr> |
| + | <tr> |
| + | <td>PKCS #12 passphrase</td> |
| + | <td>string; default: <b>none</b></td> |
| + | <td>Passphrase to decrypt PKCS #12 certificates.</td> |
| + | </tr> |
| + | <tr> |
| + | <td>PKCS #12 certificate chain</td> |
| + | <td>string; default: <b>none</b></td> |
| + | <tds.>Uploads PKCS #12 certificate chain file.</td> |
| </tr> | | </tr> |
| <tr> | | <tr> |