More updated SSL tricks

Back on November 24th I updated SSL for an Apache server. As I’m playing around with lighttpd, I decided to do the same for it. Here’s the configuration I came up with for a FreeBSD machine:

~~~~
ssl.cipher-list = “ECDHE-RSA-AES256-SHA384:AES256-SHA256:HIGH:!MD5:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4”
~~~~

Results in

~~~~
New, TLSv1/SSLv3, Cipher is DHE-RSA-CAMELLIA256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-CAMELLIA256-SHA
~~~~

originally published at wiki.lewman.is

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s