You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users-de@httpd.apache.org by Manfred Rebentisch <mr...@comparat.de> on 2019/07/31 05:50:58 UTC

Re: Domains zu Websites auf vServer werden teilweise nicht aufgelöst

Hallo,

Am 14.03.17 um 16:28 schrieb Reindl Harald:
> So in etwa sollte eine vernünftige ssl-config für den httpd aussehen
> 
> SSLProtocol All -SSLv2 -SSLv3
> SSLFIPS Off
> SSLCompression Off
> SSLInsecureRenegotiation Off
> SSLSessionTickets Off
> SSLVerifyClient none
> SSLHonorCipherOrder On
> SSLCipherSuite
> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:!LOW:!MEDIUM
> 

Mit meiner letsencrypt Installation kam folgende Definition:

SSLCipherSuite
ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS

Sollte ich das besser korrigieren?
Danke,
Manfred



---------------------------------------------------------------------
To unsubscribe, e-mail: users-de-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-de-help@httpd.apache.org