httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wim Lewis <w...@omnigroup.com>
Subject Re: [users@httpd] Forcing 256-bit AES encryption on server
Date Wed, 23 Jul 2014 19:17:57 GMT

On 23 Jul 2014, at 7:25 AM, Slusar,Michael wrote:
> Does anyone know how to set up SSL options in httpd.conf or ssl.conf? I am trying to
force the server to use 256-bit AES Encryption when the client\server hello handshake is performed.

You can control the set of ciphers that the server is willing to use using the SSLCipherSuite
directive:

    http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslciphersuite

Note that the documentation for that directive is a little out of date when it comes to describing
the cipher suites that are available--- the specification is simply passed to OpenSSL, so
for more accurate documentation, check which version of OpenSSL your server is compiled with.
The "openssl ciphers" command is useful for checking exactly what cipher suites a given string
will enable when using a given version of OpenSSL.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message