Security/Server Side TLS: Difference between revisions

Jump to navigation Jump to search

Security/Server Side TLS (view source)

Revision as of 13:03, 20 October 2013

111 bytes added ,  20 October 2013
→‎Apache
(Version 2.1: ulfr: RC4 vs 3DES discussion. r=joes r=tinfoil)
Line 230: Line 230:
== Apache ==
== Apache ==
Originally published on https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-mod_ssl/
Originally published on https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-mod_ssl/
OCSP Stapling is only available in httpd 2.3.3 and later.


In Apache 2.4.6, the DH parameter is always set to 1024 bits and is not user configurable. Future versions of Apache will automatically select a better value for the DH parameter.
In Apache 2.4.6, the DH parameter is always set to 1024 bits and is not user configurable. Future versions of Apache will automatically select a better value for the DH parameter.
Line 245: Line 247:
     SSLHonorCipherOrder    on
     SSLHonorCipherOrder    on
     SSLCompression          off
     SSLCompression          off
    # OCSP Stapling, only in httpd 2.3.3 and later
     SSLUseStapling          on
     SSLUseStapling          on
     SSLStaplingResponderTimeout 5
     SSLStaplingResponderTimeout 5
Ulfr
Confirmed users
529

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/733141"

Navigation menu