Home / server / Questions / 970574
Accepted
Patrick
Asked: 2019-06-08 07:38:47 +0800 CST

SeaFile Docker - Disable SSL v3

  • 772

I have just SeaFile running in Docker, scanning the public interface I can see SSLv3 and TLS1.0 are enabled. I'd like to disable them but I'm at a loss as to where that would be configured in this setup.

I launched the container with 

docker run -d --name seafile \
  -e SEAFILE_SERVER_LETSENCRYPT=true \
  -e SEAFILE_SERVER_HOSTNAME=seafile.example.com \
  -e [email protected] \
  -e SEAFILE_ADMIN_PASSWORD=a_very_secret_password \
  -v /opt/seafile-data:/shared \
  -p 8080:80 \
  -p 8443:443 \
  seafileltd/seafile:latest

It's running nginx as the webserver, i have the nginx configuration in the docker merged folder, effectively /etc/nginx, but I can't find anywhere the options for configuring the available ciphers.

grep -i -r "ssl_protocols" /etc/nginx/ returns zero results and after a bunch of digging through google results and bits of documentation I'm no further forward.

Any thoughts?

nginx

1 Answers

  1. Best Answer

    Added the following lines to the seafile.nginx.conf.template file in the image and restarted seafile

    added 

    ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;

    To the server block immediately before the ssl_ciphers line in the conf file.

    You can locate the path to the conf template with 

    /var/lib/docker/>find ./ | grep seafile.nginx.conf.template
    • 0