From e5c7b046b37efb570259ea7d565fec30953a8bf6 Mon Sep 17 00:00:00 2001
From: Paul <paul@zom.bi>
Date: Tue, 23 Apr 2019 02:14:16 +0200
Subject: [PATCH] Increase security of config

---
 README.md                          | 4 ++--
 assets/templates/files/config.ovpn | 7 +++++--
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 3a75bff..bda4a26 100644
--- a/README.md
+++ b/README.md
@@ -15,13 +15,13 @@ Simply download them from the "artifacts" section of this project.
 A prebuilt docker image (10MB) is available:
 
 ```
-docker pull docker.klink.asia/paul/certman
+docker pull zombi/certman
 ```
 ### From Source-Docker
 You can easily build your own docker image from source
 
 ```
-docker build -t docker.klink.asia/paul/certman .
+docker build -t zombi/certman .
 ```
 
 ## Configuration
diff --git a/assets/templates/files/config.ovpn b/assets/templates/files/config.ovpn
index 1739796..3e1bbaa 100644
--- a/assets/templates/files/config.ovpn
+++ b/assets/templates/files/config.ovpn
@@ -7,12 +7,15 @@ nobind
 persist-key
 persist-tun
 
-cipher AES-256-CBC
+cipher AES-256-GCM
 auth SHA512
+
 ns-cert-type server
 key-direction 1
+
+tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
 tls-version-min 1.2
-;comp-lzo
+
 verb 3
 
 <ca>