httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Pasher <just...@newmediagateway.com>
Subject Re: [users@httpd] Using SSLCipherSuite to restrict to faster cipher algorithms
Date Wed, 16 Dec 2009 16:03:56 GMT
Fran├žois Beaune wrote:
> Hey Justin,
>
> Thanks for your answer.  I did add the various versions of 
> the SSLCipherSuite directive to my virtual host container, sorry if 
> that wasn't clear.
>
> In the meantime I found that, by inspecting the handshake between 
> TortoiseSVN and Apache, the connection does use RC4, which is good. 
>  Still, I don't understand why this doesn't happen with Firefox (it 
> always uses AES 256, which shouldn't be allowed, if I 
> understand things correctly).  Any clue?

Did you try running the shell script to verify that the server is 
correctly applying the SSLCipherSuite directive and only offering the 
ciphers you have allowed?

http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh

-- 
Justin Pasher

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message