# TLS configuration

## Server-side

TLS certificates are obtained by modules called "certificate loaders". The `tls` directive's
arguments specify the name of the loader to use and its arguments. Due to syntax limitations,
advanced loader configuration should be specified using the `loader` directive, see
below.

```
tls file cert.pem key.pem {
    protocols tls1.2 tls1.3
    curves X25519
    ciphers ...
}

tls {
    loader file cert.pem key.pem {
        # Options for loader go here.
    }
    protocols tls1.2 tls1.3
    curves X25519
    ciphers ...
}
```

### Available certificate loaders

- `file` – Accepts argument pairs specifying the certificate and then the key.
  E.g. `tls file certA.pem keyA.pem certB.pem keyB.pem`.
  If multiple certificates are listed, SNI will be used to select one.
- `acme` – Automatically obtains a certificate using the ACME protocol (Let's Encrypt).
- `off` – Not really a loader but a special value for the `tls` directive;
  explicitly disables TLS for the endpoint(s).

## Advanced TLS configuration

**Note: maddy uses secure defaults and the TLS handshake is resistant to active downgrade attacks. There is no need to change anything in most cases.**

---

### protocols _min-version_ _max-version_ | _version_

Default: `tls1.0 tls1.3`

Minimum/maximum accepted TLS version. If only one value is specified, it will
be the only usable version.

Valid values are: `tls1.0`, `tls1.1`, `tls1.2`, `tls1.3`

---

### ciphers _ciphers..._

Default: the set of 'secure ciphers' defined by the Go version, ordered by hardware
performance

List of supported cipher suites, in preference order. Not used with TLS 1.3.

Valid values:

- `RSA-WITH-RC4128-SHA`
- `RSA-WITH-3DES-EDE-CBC-SHA`
- `RSA-WITH-AES128-CBC-SHA`
- `RSA-WITH-AES256-CBC-SHA`
- `RSA-WITH-AES128-CBC-SHA256`
- `RSA-WITH-AES128-GCM-SHA256`
- `RSA-WITH-AES256-GCM-SHA384`
- `ECDHE-ECDSA-WITH-RC4128-SHA`
- `ECDHE-ECDSA-WITH-AES128-CBC-SHA`
- `ECDHE-ECDSA-WITH-AES256-CBC-SHA`
- `ECDHE-RSA-WITH-RC4128-SHA`
- `ECDHE-RSA-WITH-3DES-EDE-CBC-SHA`
- `ECDHE-RSA-WITH-AES128-CBC-SHA`
- `ECDHE-RSA-WITH-AES256-CBC-SHA`
- `ECDHE-ECDSA-WITH-AES128-CBC-SHA256`
- `ECDHE-RSA-WITH-AES128-CBC-SHA256`
- `ECDHE-RSA-WITH-AES128-GCM-SHA256`
- `ECDHE-ECDSA-WITH-AES128-GCM-SHA256`
- `ECDHE-RSA-WITH-AES256-GCM-SHA384`
- `ECDHE-ECDSA-WITH-AES256-GCM-SHA384`
- `ECDHE-RSA-WITH-CHACHA20-POLY1305`
- `ECDHE-ECDSA-WITH-CHACHA20-POLY1305`

---

### curves _curves..._

Default: defined by the Go version

The elliptic curves that will be used in an ECDHE handshake, in preference
order.

Valid values: `p256`, `p384`, `p521`, `X25519`.

## Client

The `tls_client` directive allows customizing the behavior of the TLS client implementation,
notably adjusting the minimum and maximum TLS versions and the allowed cipher suites,
and enabling TLS client authentication.

```
tls_client {
    protocols tls1.2 tls1.3
    ciphers ...
    curves X25519
    root_ca /etc/ssl/cert.pem

    cert /etc/ssl/private/maddy-client.pem
    key /etc/ssl/private/maddy-client.pem
}
```

---

### protocols _min-version_ _max-version_ | _version_

Default: `tls1.0 tls1.3`

Minimum/maximum accepted TLS version. If only one value is specified, it will
be the only usable version.

Valid values are: `tls1.0`, `tls1.1`, `tls1.2`, `tls1.3`

---

### ciphers _ciphers..._

Default: the set of 'secure ciphers' defined by the Go version, ordered by hardware
performance

List of supported cipher suites, in preference order. Not used with TLS 1.3.

See the TLS server configuration for the list of supported values.

---

### curves _curves..._

Default: defined by the Go version

The elliptic curves that will be used in an ECDHE handshake, in preference
order.

Valid values: `p256`, `p384`, `p521`, `X25519`.

---

### root_ca _paths..._

Default: system CA pool

List of files with PEM-encoded CA certificates to use when verifying
server certificates.

---

### cert _cert-path_ <br> key _key-path_

Default: not specified

Present the specified certificate when the server requests a client certificate.
Files should use PEM format. Both directives should be specified.
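The `ciphers` and `protocols` values accepted by both the server `tls` block and `tls_client` are ultimately handed to Go's crypto/tls, so its own secure/insecure lists are the reference for what a given setting buys you. The following audit helper is an added example, not code from maddy or its documentation; it assumes the hyphenated names listed above map onto Go's underscore-separated IANA suite names in the straightforward way implemented by `goSuiteName`, and reports anything that does not resolve as unknown.

```go
package main

import (
	"crypto/tls"
	"strings"
)

// goSuiteName converts a name from maddy's `ciphers` directive (for example
// "ECDHE-RSA-WITH-AES128-GCM-SHA256") to the IANA-style name crypto/tls reports
// ("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"). This correspondence is an assumption.
func goSuiteName(maddyName string) string {
	n := "TLS_" + strings.ReplaceAll(maddyName, "-", "_")
	n = strings.NewReplacer("RC4128", "RC4_128", "AES128", "AES_128", "AES256", "AES_256").Replace(n)
	if strings.HasSuffix(n, "CHACHA20_POLY1305") {
		n += "_SHA256" // Go's canonical ChaCha20 suite names carry this suffix
	}
	return n
}

// AuditCiphers classifies each configured name as "secure", "insecure" or
// "unknown" using crypto/tls's own lists, which a Go server such as maddy
// ultimately relies on. An unknown name usually means a typo in the config.
func AuditCiphers(configured []string) map[string]string {
	status := map[string]string{}
	for _, s := range tls.CipherSuites() {
		status[s.Name] = "secure"
	}
	for _, s := range tls.InsecureCipherSuites() {
		status[s.Name] = "insecure"
	}
	out := make(map[string]string, len(configured))
	for _, c := range configured {
		if v, ok := status[goSuiteName(c)]; ok {
			out[c] = v
		} else {
			out[c] = "unknown"
		}
	}
	return out
}

// MinVersionIsModern takes the arguments of a `protocols` directive
// ("tls1.0 tls1.3" or a single version) and reports whether the lowest
// accepted version is at least TLS 1.2.
func MinVersionIsModern(protocols string) bool {
	f := strings.Fields(protocols)
	return len(f) > 0 && (f[0] == "tls1.2" || f[0] == "tls1.3")
}
```

Which suites Go files under "insecure" depends on the Go release maddy was built with, so the verdicts track the toolchain rather than a fixed list.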