Tomasz Sterna writes: >Dnia 2014-01-13, pon o godzinie 13:29 +0100, MacLemon pisze: >> I want to disable SSLv3 in favour of TLSv1 only. (Apple jabberd2 is >> linked against a pre-historic OpenSSL 0.9.8 so it doesn't support TLS >> 1.2.) I also want to get rid of weak ciphers and try to enable forward >> secrecy handshake namely DHE. > >It's not possible in 2.2. >You need at least 2.3.0 for this.
How do you do it in 2.3.x? I don't see how to do it in the config files. Is there a way to specify an OpenSSL ciphers string? Joe