[CentOS] Apache and SSLv3
Ken
ken at perfect-image.com
Mon Jan 26 17:48:34 UTC 2015
> I'm configuring apache with https and I've a question about sslv3
> deactivation.
>
> Running "openssl ciphers -v" I get a list of cypher suite of openssl like:
>
> ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128)
> Mac=AEAD
> .........
>
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCompression off
Then use cipher suite to your liking.
Modern, Intermediate, Old, from...
https://wiki.mozilla.org/Security/Server_Side_TLS#Apache
Test via...
https://www.ssllabs.com/ssltest/
More information about the CentOS
mailing list