On Sat, Aug 24, 2013 at 4:29 AM, Erwin Schliske <[email protected] > wrote:
> bind 0.0.0.0:443 ssl crt /etc/ssl/private/<concat cert + privkey> >>>> ciphers ECDHE-RSA-AES256-GCM-SHA384:**ECDHE-ECDSA-AES256-GCM-SHA384:** >>>> ECDHE-RSA-AES128-GCM-SHA256:**ECDHE-ECDSA-AES128-GCM-SHA256:** >>>> kEDH+AESGCM:ECDHE-RSA-RC4-SHA:**ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-** >>>> AES256-SHA384:ECDHE-ECDSA-**AES256-SHA384:ECDHE-RSA-** >>>> AES256-SHA:ECDHE-ECDSA-AES256-**SHA:ECDHE-RSA-AES128-SHA256:** >>>> ECDHE-ECDSA-AES128-SHA256:**ECDHE-RSA-AES128-SHA:ECDHE-** >>>> ECDSA-AES128-SHA:AES256-GCM-**SHA384:AES128-GCM-SHA256:RC4-** >>>> SHA:HIGH:!aNULL:!eNULL:!**EXPORT:!DES:!3DES:!MD5:!PSK >>>> >>> > Is it possible to define a cipher list, which is for all https services? > > Not that I know of, but I'd really like to be able to define a default cipher list for binds too! -Bryan
