allow ability to customize openvpn security stuff: tls-cipher, auth, and cipher config options.

1 files changed, 6 insertions, 1 deletions

diff --git a/provider_base/services/openvpn.json b/provider_base/services/openvpn.json
index 5a87335b..e5b97ed9 100644
--- a/provider_base/services/openvpn.json
+++ b/provider_base/services/openvpn.json
@@ -18,6 +18,11 @@
     "allow_unlimited": "= provider.service.allow_unlimited_bandwidth",
     "limited_prefix": "= provider.ca.client_certificates.limited_prefix",
     "unlimited_prefix": "= provider.ca.client_certificates.unlimited_prefix",
-    "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil"
+    "rate_limit": "= openvpn.allow_limited ? provider.service.bandwidth_limit : nil",
+    "configuration": {
+      "tls-cipher": "TLS-DHE-RSA-WITH-AES-128-CBC-SHA",
+      "auth": "SHA1",
+      "cipher": "AES-128-CBC"
+    }
   }
 }