HCoop
/
hcoop
/
zz_old
/
debian
/
hcoop-apache2-config.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
| inline |
side by side
Better SSLCipherSuite for Perfect-Forward-Secrecy
[hcoop/zz_old/debian/hcoop-apache2-config.git]
/
files
/
conf.d
/
hcoop-ssl
diff --git a/files/conf.d/hcoop-ssl
b/files/conf.d/hcoop-ssl
new file mode 100644
(file)
index 0000000..
226dcd9
--- /dev/null
+++ b/
files/conf.d/hcoop-ssl
@@ -0,0
+1,3
@@
+# Apache defaults are OK, just change CipherSuite for better PFS
+SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:HIGH:!MEDIUM:!LOW:!SSLv2:!aNULL:!PSK
+SSLHonorCipherOrder on