On Centos, after you update openssl, this is one choice ;
bind 0.0.0.0:443 ssl no-sslv3 crt /etc/ssl/certs/yourkey.pem ciphers [...]
On another OS, he qualms page describes how to get the list of ciphers.
My suggestion is to always use the recommended cipher list from Mozilla.
If your
On Centos, after you update openssl, this is one choice ;
..
..
bind 0.0.0.0:443 ssl no-sslv3 crt /etc/ssl/certs/yourkey.pem ciphers
Hi,
On 21.02.2015 13:45, Dennis Jacobfeuerborn wrote:
Hi,
I noticed that when I use my browser (latest Firefox) to connect to
haproxy then it will select an RC4 based cipher even though better
options are available. When I make a connection to e.g.
https://www.google.com/ the browser uses
When I connect to haproxy the client uses:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
When I connect to google.com the client uses:
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
A part from the RC4 vs AES difference here, which you can
probably fix by an appropriate ciphers string, as long as you
are using a
Hi,
I noticed that when I use my browser (latest Firefox) to connect to
haproxy then it will select an RC4 based cipher even though better
options are available. When I make a connection to e.g.
https://www.google.com/ the browser uses the correct cipher instead
(stronger and the first in the list
5 matches
Mail list logo
