Revision as of 00:11, 13 December 2014 by Quanah (talk | contribs) (Protocol version settings)

Security Settings for Zimbra Collaboration 8.6 series

Proxy settings

Cipher suite settings

The single valued zimbraReverseProxySSLCiphers attribute configures what cipher suites the nginx proxy will allow to be negotiated over SSL. This affects HTTPS when the web proxy is enabled, and POP and IMAP when the mail proxy is enabled.

The current recommended setting is:


It can be set using the zmprov mcf command

Protocol version settings

The multi-valued attribute controlling the acceptable TLS protocol versions to be used by the nginx proxy is zimbraReverseProxySSLProtocols

The current recommend values for this attribute are:


The values can be modified to either add or remove a protocl:

To add a protocol: zmprov mcf zimbraReverseProxySSLProtocols +protocol

To remove a protocol: zmprov mcf zimbraReverseProxySSLProtocols -protocol

Jetty settings

LDAP settings

MTA settings

Jump to: navigation, search