SSLCipherSuite - more precise definition, need only strong ciphers
How long would it take to cross the Channel in 1890's?
What can I do with a research project that is my university’s intellectual property?
Can humans ever directly see a few photons at a time? Can a human see a single photon?
Count All Possible Unique Combinations of Letters in a Word
Why does the Saturn V have standalone inter-stage rings?
Does a vocal melody have any rhythmic responsibility to the underlying arrangement in pop music?
Explain why a line can never intersect a plane in exactly two points.
Shooting someone's past self using special relativity
Do I have any obligations to my PhD supervisor's requests after I have graduated?
How to maintain a closed environment for one person for a long period of time
Is declining an undergraduate award which causes me discomfort appropriate?
Why do all the teams that I have worked with always finish a sprint without completion of all the stories?
Confusion over 220 and 230 volt outlets
What does it mean to not be able to take the derivative of a function multiple times?
How do I farm creepers for XP without them exploding?
Why does cooking oatmeal starting with cold milk make it creamy?
DBCC checkdb on tempdb
Why isn't my calculation that we should be able to see the sun well beyond the observable universe valid?
Am I legally required to provide a (GPL licensed) source code even after a project is abandoned?
I don't like coffee, neither beer. How to politely work my way around that in a business situation?
"Correct me if I'm wrong"
Why tighten down in a criss-cross pattern?
Can White Castle?
Should an enameled cast iron pan be seasoned?
SSLCipherSuite - more precise definition, need only strong ciphers
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!<fill in the blank>" references. For a simple web server (no vhosts or specific directory specifications, very specific use and limited administrator access) if I use just
SSLCipherSuite HIGH
am I going to get only the cipher suites listed by
openssl ciphers HIGH
or am I going to get other unintended additions that I need to specifically exclude? (I'm hoping to be able to apply the KISS principle if possible.) When excluding "all" and "medium", am I understanding the !<fill in the blank> specifications correctly as mainly to prevent the server specification from being over-ridden by other configuration?
Thanks for any help.
apache-2.4 configuration cipher
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
add a comment |
The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!<fill in the blank>" references. For a simple web server (no vhosts or specific directory specifications, very specific use and limited administrator access) if I use just
SSLCipherSuite HIGH
am I going to get only the cipher suites listed by
openssl ciphers HIGH
or am I going to get other unintended additions that I need to specifically exclude? (I'm hoping to be able to apply the KISS principle if possible.) When excluding "all" and "medium", am I understanding the !<fill in the blank> specifications correctly as mainly to prevent the server specification from being over-ridden by other configuration?
Thanks for any help.
apache-2.4 configuration cipher
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
add a comment |
The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!<fill in the blank>" references. For a simple web server (no vhosts or specific directory specifications, very specific use and limited administrator access) if I use just
SSLCipherSuite HIGH
am I going to get only the cipher suites listed by
openssl ciphers HIGH
or am I going to get other unintended additions that I need to specifically exclude? (I'm hoping to be able to apply the KISS principle if possible.) When excluding "all" and "medium", am I understanding the !<fill in the blank> specifications correctly as mainly to prevent the server specification from being over-ridden by other configuration?
Thanks for any help.
apache-2.4 configuration cipher
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
The Apache documentation of SSLCipherSuite seems a little vague and the examples I found on the web make it much worse. I see a lot of references to "all", long lists of specific ciphers and lots of "!<fill in the blank>" references. For a simple web server (no vhosts or specific directory specifications, very specific use and limited administrator access) if I use just
SSLCipherSuite HIGH
am I going to get only the cipher suites listed by
openssl ciphers HIGH
or am I going to get other unintended additions that I need to specifically exclude? (I'm hoping to be able to apply the KISS principle if possible.) When excluding "all" and "medium", am I understanding the !<fill in the blank> specifications correctly as mainly to prevent the server specification from being over-ridden by other configuration?
Thanks for any help.
apache-2.4 configuration cipher
apache-2.4 configuration cipher
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
asked Jun 4 at 15:56
Senior GeekSenior Geek
166
166
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970096%2fsslciphersuite-more-precise-definition-need-only-strong-ciphers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f970096%2fsslciphersuite-more-precise-definition-need-only-strong-ciphers%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
