By the way, ignore my CipherSuite line in there — you obviously don’t want
SSLv2, +LOW, +MEDIUM and other components - you’ll likely just want the TLS
v1.2 ciphers, which are listed here:
https://www.openssl.org/docs/apps/ciphers.html#TLS-v1.2-cipher-suites
<https://www.openssl.org/docs/apps/ciphers.html#TLS-v1.2-cipher-suites>
Not sure what the CipherSuite string should look like to support that, but if I
have time this week I’ll see if I can figure it out. Be aware that restricting
to just TLS 1.2 may cause some older browsers to not work with your site, but I
haven’t done hands-on work in this area in years, so I’m not up-to-date on
proper configurations.
/s.
> On Jun 23, 2015, at 12:00 PM, Scott Goodwin <sc...@scottg.net> wrote:
>
> An AOLserver configuration file from an old server I used to run has this
> section defined:
>
> ns_param Protocol "SSLv2, SSLv3, TLSv1"
> ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
>
> From the OpenSSL documentation:
> Only enable TLSv1.2:
>
> SSL_CONF_cmd(ctx, "Protocol", "-ALL,TLSv1.2");
>
>
> So I’d assume the following would restrict AOLserver to ONLY use TLS 1.2:
>
> ns_param Protocol “-ALL,TLSv1.2"
> ns_param CipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
>
>
> /s.
>
>
>> On Jun 23, 2015, at 10:36 AM, Paula Giangeruso <pgianger...@wineaccess.com
>> <mailto:pgianger...@wineaccess.com>> wrote:
>>
>> Does anyone have TLS v1.2 working on AOLserver? If so how did you go about
>> doing this?
>>
>> Thank You,
>> Paula
>>
>> --
>> Paula Giangeruso - Vice President/Engineering
>> pgianger...@wineaccess.com <mailto:pgianger...@wineaccess.com> |
>> www.wineaccess.com <http://www.wineaccess.com/>
>> O: ( <>610) 642-1255 | F: (610) 642-1277 | C: (609) 731-8092
>>
>> wineaccess ®
>> direct from the source
>> ------------------------------------------------------------------------------
>> Monitor 25 network devices or servers for free with OpManager!
>> OpManager is web-based network management software that monitors
>> network devices and physical & virtual servers, alerts via email & sms
>> for fault. Monitor 25 devices for free with no restriction. Download now
>> http://ad.doubleclick.net/ddm/clk/292181274;119417398;o_______________________________________________
>>
>> <http://ad.doubleclick.net/ddm/clk/292181274;119417398;o_______________________________________________>
>> aolserver-talk mailing list
>> aolserver-talk@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/aolserver-talk
>
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
aolserver-talk mailing list
aolserver-talk@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/aolserver-talk