SSL Cipher configuration

[Matthieu Decorniquet <md...@partouchetechnologies.com>]

Hello,

I have a little issue with this great piece of software we are using in 
our company

We are using trafficserver as a secure frontend for an online gambling 
site, players connect to it through ssl, a plugin we added does some 
stuff, then the data is sent to an apache through a ssl tunnel (we're 
using stunnel).
The quirk here are the ciphers permitted by trafficserver during the ssl 
handshake, we need roughly the ciphers reported by 'openssl ciphers FIPS 
-v', and I can't find a way to specify that in trafficserver...

On the other hand, we needed to deactivate sslv2, which was on by 
default in trafficserver, and quite easy to turn off...

Any help will be gladly appreciated on the matter...

Kind regards,

-- 
*Matthieu Decorniquet
**Partouche Technologies
Groupe Partouche Interactive***

Re: SSL Cipher configuration

["ming.zym@gmail.com" <mi...@gmail.com>]

yeah, we have no Cipher control in SSL for now, that issue have been
opened:
https://issues.apache.org/jira/browse/TS-730
[gsoc2011] SSL needs CipherSuite control in negotiation 

sslv2 should be disabled by default, I will take care of it.

thanks

在 2011-05-02一的 17:15 +0200，Matthieu Decorniquet写道：
> Hello,
> 
> I have a little issue with this great piece of software we are using in 
> our company
> 
> We are using trafficserver as a secure frontend for an online gambling 
> site, players connect to it through ssl, a plugin we added does some 
> stuff, then the data is sent to an apache through a ssl tunnel (we're 
> using stunnel).
> The quirk here are the ciphers permitted by trafficserver during the ssl 
> handshake, we need roughly the ciphers reported by 'openssl ciphers FIPS 
> -v', and I can't find a way to specify that in trafficserver...
> 
> On the other hand, we needed to deactivate sslv2, which was on by 
> default in trafficserver, and quite easy to turn off...
> 
> Any help will be gladly appreciated on the matter...
> 
> Kind regards,
>