François Beaune wrote:
Hello,
I have a setup where Apache 2.2.3 is serving a large SVN
repository with WebDAV over HTTPS (using basic authentication).
Everything is working correctly; I would simply like to force usage
of faster cipher algorithms (trading some security in favor of speed)
than what seems to be allowed right now (for instance, AES 256 is used
when I connect with Firefox).
[snip]
As an experiment, I have tried that (at the virtual host level):
SSLProtocol all -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite ALL:!ADH:+RC4+RSA:!HIGH:!LOW:!EXP:!NULL
I noticed that your VirtualHost container doesn't actually contain the
SSLCipherSuite directive. Are you defining that somewhere else, such as
in the global config scope? Double check to make sure that it's being
defined globally as opposed to being wrapped inside another container
object.
Also, you can use this script to check which ciphers are supported by
your site.
http://www.lazorsoftware.com/lazorsoft/files/openssl_check.sh
--
Justin Pasher
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
