You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Fiorenzi Alessandro <a....@infogroup.it> on 2005/06/30 10:43:43 UTC
[users@httpd] AES on SSL with apache2
Hi, I have seen that some site like washington.edu if your client is
firefox use AES for SSL encription, and other like RC4 128 for Explorer
or other browser.
How can I configure my apache to use AES?
Thanks
Alessandro Fiorenzi
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
[users@httpd] Re: AES on SSL with apache2
Posted by Joost de Heer <sa...@xs4all.nl>.
Fiorenzi Alessandro said:
> Hi, I have seen that some site like washington.edu if your client is
> firefox use AES for SSL encription, and other like RC4 128 for Explorer
> or other browser.
>
> How can I configure my apache to use AES?
Check SSLCipherSuite.
Joost
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] AES on SSL with apache2
Posted by Alexander Lazic <al...@none.at>.
Hi,
On Don 30.06.2005 11:05, Fiorenzi Alessandro wrote:
>>
>> SSLCipherSuite
>>
>> vor 1.3.x
>> => http://www.modssl.org/docs/2.8/ssl_reference.html#ToC9
>> vor 2.0.x
>> => http://httpd.apache.org/docs-2.0/mod/mod_ssl.html.en#sslciphersuite
>>
>> Hth
>>
>> al ;-)
>
>but no one of that regard about AES
Aehm have you read _all_ of the description?!
>From the above page:
openssl ciphers -v 'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'|egrep AES|wc -l
6
openssl ciphers -v 'ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP'
---
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-RC4-SHA SSLv3 Kx=DH Au=DSS Enc=RC4(128) Mac=SHA1
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Au=DSS Enc=DES(56) Mac=SHA1
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5
RC2-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5
RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-64-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(64) Mac=MD5
DES-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=DES(56) Mac=MD5
EXP1024-DHE-DSS-RC4-SHA SSLv3 Kx=DH(1024) Au=DSS Enc=RC4(56) Mac=SHA1 export
EXP1024-RC4-SHA SSLv3 Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=SHA1 export
EXP1024-DHE-DSS-DES-CBC-SHA SSLv3 Kx=DH(1024) Au=DSS Enc=DES(56) Mac=SHA1 export
EXP1024-DES-CBC-SHA SSLv3 Kx=RSA(1024) Au=RSA Enc=DES(56) Mac=SHA1 export
EXP1024-RC2-CBC-MD5 SSLv3 Kx=RSA(1024) Au=RSA Enc=RC2(56) Mac=MD5 export
EXP1024-RC4-MD5 SSLv3 Kx=RSA(1024) Au=RSA Enc=RC4(56) Mac=MD5 export
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
EXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
---
Hth
al ;-)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] AES on SSL with apache2
Posted by Fiorenzi Alessandro <a....@infogroup.it>.
On Thu, 2005-06-30 at 10:54 +0200, Alexander Lazic wrote:
> Hi,
>
> On Don 30.06.2005 10:43, Fiorenzi Alessandro wrote:
> >
> >I have seen that some site like washington.edu if your client is
> >firefox use AES for SSL encription, and other like RC4 128 for Explorer
> >or other browser.
> >
> >How can I configure my apache to use AES?
>
> SSLCipherSuite
>
> vor 1.3.x
> => http://www.modssl.org/docs/2.8/ssl_reference.html#ToC9
> vor 2.0.x
> => http://httpd.apache.org/docs-2.0/mod/mod_ssl.html.en#sslciphersuite
>
> Hth
>
> al ;-)
but no one of that regard about AES
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] AES on SSL with apache2
Posted by Alexander Lazic <al...@none.at>.
Hi,
On Don 30.06.2005 10:43, Fiorenzi Alessandro wrote:
>
>I have seen that some site like washington.edu if your client is
>firefox use AES for SSL encription, and other like RC4 128 for Explorer
>or other browser.
>
>How can I configure my apache to use AES?
SSLCipherSuite
vor 1.3.x
=> http://www.modssl.org/docs/2.8/ssl_reference.html#ToC9
vor 2.0.x
=> http://httpd.apache.org/docs-2.0/mod/mod_ssl.html.en#sslciphersuite
Hth
al ;-)
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org