From a779c9f9cb743b82f5127f211153e1cd7db5d8d9 Mon Sep 17 00:00:00 2001
From: Feng Lee <feng@emqtt.io>
Date: Thu, 4 Jan 2018 20:25:26 +0800
Subject: [PATCH] Add 'listener.wss.external.tls_versions' option

---
 etc/emq.conf | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/etc/emq.conf b/etc/emq.conf
index 4d37515aa..b8c21dc40 100644
--- a/etc/emq.conf
+++ b/etc/emq.conf
@@ -1185,6 +1185,13 @@ listener.wss.external.access.1 = allow all
 ## Value: Duration
 ## listener.wss.external.proxy_protocol_timeout = 3s
 
+## TLS versions only to protect from POODLE attack.
+##
+## See: listener.ssl.<name>.tls_versions
+##
+## Value: String, seperated by ','
+## listener.wss.external.tls_versions = tlsv1.2,tlsv1.1,tlsv1
+
 ## TLS Handshake timeout.
 ##
 ## See: listener.ssl.<name>.handshake_timeout