Hello! I am into setting up Courier's SSL properly = securely.
Courier MTA v0.75.0 Intermediate settings from https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=apache-2.4.18&openssl=1.0.2d&hsts=yes&profile=intermediate I told esmtpd-ssl to listen on https port: https://www.ssllabs.com/ssltest/analyze.html?d=09874751-cb3a-4d39-b10f-3993b1da964e.pub.cloud.scaleway.com&hideResults=on (self-signed weak cert, but don't care) Q1 "Cipher Suites (sorted by strength as the server has no preference;" Could you please help achieve server order as in Apache SSLHonorCipherOrder? Q2 I've set TLS_CACHEFILE=/var/lib/courier/ssl_cache TLS_CACHESIZE=524288 but still "Session resumption (caching) -> No (IDs assigned but not accepted)" Could you help? Please document TLS_CACHEFILE and TLS_CACHESIZE as they are necessary to reach Qualys A+ Q3 "OCSP stapling -> No" Would it be possible to enable it? Thank you very much! SZÉPE Viktor -- +36-20-4242498 s...@szepe.net skype: szepe.viktor Budapest, III. kerület ------------------------------------------------------------------------------ Find and fix application performance issues faster with Applications Manager Applications Manager provides deep performance insights into multiple tiers of your business applications. It resolves application problems quickly and reduces your MTTR. Get your free trial! http://pubads.g.doubleclick.net/ gampad/clk?id=1444514301&iu=/ca-pub-7940484522588532 _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users