yeah, we have no Cipher control in SSL for now, that issue have been opened: https://issues.apache.org/jira/browse/TS-730 [gsoc2011] SSL needs CipherSuite control in negotiation
sslv2 should be disabled by default, I will take care of it. thanks 在 2011-05-02一的 17:15 +0200,Matthieu Decorniquet写道: > Hello, > > I have a little issue with this great piece of software we are using in > our company > > We are using trafficserver as a secure frontend for an online gambling > site, players connect to it through ssl, a plugin we added does some > stuff, then the data is sent to an apache through a ssl tunnel (we're > using stunnel). > The quirk here are the ciphers permitted by trafficserver during the ssl > handshake, we need roughly the ciphers reported by 'openssl ciphers FIPS > -v', and I can't find a way to specify that in trafficserver... > > On the other hand, we needed to deactivate sslv2, which was on by > default in trafficserver, and quite easy to turn off... > > Any help will be gladly appreciated on the matter... > > Kind regards, >
