On 23 Jul 2014, at 7:25 AM, Slusar,Michael wrote:
> Does anyone know how to set up SSL options in httpd.conf or ssl.conf? I am
> trying to force the server to use 256-bit AES Encryption when the
> client\server hello handshake is performed.
You can control the set of ciphers that the server is willing to use using the
SSLCipherSuite directive:
http://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslciphersuite
Note that the documentation for that directive is a little out of date when it
comes to describing the cipher suites that are available--- the specification
is simply passed to OpenSSL, so for more accurate documentation, check which
version of OpenSSL your server is compiled with. The "openssl ciphers" command
is useful for checking exactly what cipher suites a given string will enable
when using a given version of OpenSSL.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
