[packages/apache1-mod_ssl] sync SSLCipherSuite from apache 2.4 config
glen
glen at pld-linux.org
Tue Sep 22 11:54:44 CEST 2015
commit b7254a644c6847cf5a544778ef69a927a23e2690
Author: Elan Ruusamäe <glen at delfi.ee>
Date: Tue Sep 22 12:54:20 2015 +0300
sync SSLCipherSuite from apache 2.4 config
apache1-mod_ssl.conf | 5 +++++
1 file changed, 5 insertions(+)
---
diff --git a/apache1-mod_ssl.conf b/apache1-mod_ssl.conf
index 25c3939..2a44eb0 100644
--- a/apache1-mod_ssl.conf
+++ b/apache1-mod_ssl.conf
@@ -44,6 +44,11 @@ SSLSessionCacheTimeout 300
# connect with one of the provided protocols.
SSLProtocol all -SSLv2 -SSLv3
+# SSL Cipher Suite:
+# List the ciphers that the client is permitted to negotiate.
+# See the mod_ssl documentation for a complete list.
+SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
+
# Semaphore:
# Configure the path to the mutual explusion semaphore the
# SSL engine uses internally for inter-process synchronization.
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/apache1-mod_ssl.git/commitdiff/b7254a644c6847cf5a544778ef69a927a23e2690
More information about the pld-cvs-commit
mailing list