Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Cipher Configuration on Apache HTTPD
Hello Experts:
I need to configure Apache HTTPD to only take the following ciphers:
TLS_ECDHE_RSA_WITH_AES_256
TLS_RSA_WITH_AES_256_CBC_S
TLS_ECDHE_RSA_WITH_AES_128
TLS_RSA_WITH_AES_128_CBC_S
This is what I have in my ssl.conf configuration file:
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite AES128+EECDH:AES128+EDH:!3
I am confused on how to translate the above ciphers into the proper Apache syntax.
Apache/2.2.15
CentOS release 6.5 (Final)
OpenSSL 1.0.1e-fips 11 Feb 2013
java version "1.7.0_45"
Thanks.
I need to configure Apache HTTPD to only take the following ciphers:
TLS_ECDHE_RSA_WITH_AES_256
TLS_RSA_WITH_AES_256_CBC_S
TLS_ECDHE_RSA_WITH_AES_128
TLS_RSA_WITH_AES_128_CBC_S
This is what I have in my ssl.conf configuration file:
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite AES128+EECDH:AES128+EDH:!3
I am confused on how to translate the above ciphers into the proper Apache syntax.
Apache/2.2.15
CentOS release 6.5 (Final)
OpenSSL 1.0.1e-fips 11 Feb 2013
java version "1.7.0_45"
Thanks.
Asked:
2-
2
1 Solution
That looks very promising Phil. By any chance, can you help me understand what these other expressions mean:
(0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS
(0x35)
(0x2f)
Thanks very much.
(0xc014) ECDH secp256r1 (eq. 3072 bits RSA) FS
(0x35)
(0x2f)
Thanks very much.
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
So, in your case, the SSLCipherSuite line would look like:
Open in new window