OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[users@httpd] apache 2.4 pfs and cipher configuration


Hello,

I'm upgrading my apache configuration. If anyone who is a server
security admin could take a look at this configuration, I need to know
if the ciphers chosen are all pfs, have the strongest settings?

SSLInsecureRenegotiation Off
SSLSessionTickets Off
SSLOpenSSLConfCmd DHParameters "/usr/local/etc/apache24/dh.pem"
SSLOpenSSLConfCmd ECDHParameters secp256k1
SSLOpenSSLConfCmd Curves secp256k1
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256"

My openssl version is 1.0.20, apache 2.4.34.

Thanks.
Dave.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx