Changes


Security/Server Side TLS

471 bytes added, 14:11, 20 May 2015
no edit summary
 
Updates to this page should be submitted to the [https://github.com/mozilla/server-side-tls source repository on GitHub].

If you are looking for the configuration generator, follow this link: [https://mozilla.github.io/server-side-tls/ssl-config-generator/ https://mozilla.github.io/server-side-tls/ssl-config-generator/].
= Recommended configurations =
<source lang="go">
config := tls.Config{
    MinVersion:               tls.VersionTLS10,
    PreferServerCipherSuites: true,
    CipherSuites: []uint16{
        tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
        tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
        tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
        tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
        tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
        tls.TLS_RSA_WITH_AES_128_CBC_SHA,
        tls.TLS_RSA_WITH_AES_256_CBC_SHA,
        tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
        tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
    },
}
</source>
<source lang="bash">
$ gnutls-cli -l --priority NONE:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AES-256-CBC:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:+SIGN-RSA-SHA224:+SIGN-RSA-SHA1:+SIGN-DSA-SHA256:+SIGN-DSA-SHA224:+SIGN-DSA-SHA1:+CURVE-ALL:+AEAD:+SHA256:+SHA384:+SHA1:+COMP-NULL
Cipher suites for NONE:+VERS-TLS1.2:+VERS-TLS1.1:+VERS-TLS1.0:+ECDHE-RSA:+DHE-RSA:+RSA:+AES-128-GCM:+AES-128-CBC:+AES-256-CBC:+SIGN-RSA-SHA256:+SIGN-RSA-SHA384:+SIGN-RSA-SHA512:+SIGN-RSA-SHA224:+SIGN-RSA-SHA1:+SIGN-DSA-SHA256:+SIGN-DSA-SHA224:+SIGN-DSA-SHA1:+CURVE-ALL:+AEAD:+SHA256:+SHA384:+SHA1:+COMP-NULL
TLS_ECDHE_RSA_AES_128_GCM_SHA256    0xc0, 0x2f    TLS1.2
TLS_ECDHE_RSA_AES_128_CBC_SHA256    0xc0, 0x27    TLS1.0
TLS_ECDHE_RSA_AES_128_CBC_SHA1      0xc0, 0x13    SSL3.0
TLS_ECDHE_RSA_AES_256_CBC_SHA1      0xc0, 0x14    SSL3.0
TLS_DHE_RSA_AES_128_GCM_SHA256      0x00, 0x9e    TLS1.2
TLS_DHE_RSA_AES_128_CBC_SHA256      0x00, 0x67    TLS1.0
TLS_DHE_RSA_AES_128_CBC_SHA1        0x00, 0x33    SSL3.0
TLS_DHE_RSA_AES_256_CBC_SHA256      0x00, 0x6b    TLS1.0
TLS_DHE_RSA_AES_256_CBC_SHA1        0x00, 0x39    SSL3.0
TLS_RSA_AES_128_GCM_SHA256          0x00, 0x9c    TLS1.2
TLS_RSA_AES_128_CBC_SHA256          0x00, 0x3c    TLS1.0
TLS_RSA_AES_128_CBC_SHA1            0x00, 0x2f    SSL3.0
TLS_RSA_AES_256_CBC_SHA256          0x00, 0x3d    TLS1.0
TLS_RSA_AES_256_CBC_SHA1            0x00, 0x35    SSL3.0

Certificate types: none
</source>