We host open-balena on a virtual machine of our company. The department, that manage this machines informs us, that our machine allow ssl connections with TLSv1 and TLSv1.1 and that not allowed. I know, that I can change the behavior of haproxy, if I add these line to the
global part of the
global tune.ssl.default-dh-param 1024 ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
But this file belongs not to the config part of open-balena and I have to stash that every time I make a update. Exist another way, to modify the config of haproxy?