Skip to content

Instantly share code, notes, and snippets.

@antishok

antishok/Caddyfile

Last active March 22, 2019 16:49
Show Gist options
  • Save antishok/0ed549e221a43e7eea2e177524634f9e to your computer and use it in GitHub Desktop.
Save antishok/0ed549e221a43e7eea2e177524634f9e to your computer and use it in GitHub Desktop.
Download ZIP
caddy tls config for old android
Raw
Caddyfile
tls admin@mysite.com {
protocols tls1.0 tls1.3
ciphers ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-WITH-CHACHA20-POLY1305 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-CBC-SHA ECDHE-ECDSA-AES256-CBC-SHA ECDHE-RSA-AES256-CBC-SHA
}
Raw
info.md

The important bits for old android are tls1.0 and the cipher ECDHE-RSA-AES256-CBC-SHA. Also important that ECDHE-RSA-AES128-GCM-SHA256 appears before the less secure ciphers, otherwise newer Android's fail with ERR_SPDY_INADEQUATE_TRANSPORT_SECURITY

Note: this is insecure

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment