Hello Michael, can you add a @STRENGTH at the end of the apache vhost SSLCipherSuite list, which will ask OpenSSL to sort the ciphers by key length? Or are there some concerns about this setting?
Maybe the ciphers could be a little bit re-arranged. What I did find is the following. Maybe it is an option? HIGH:!LOW:!SEED:!DSS:!SSLv2:!aNULL:!eNULL:!NULL:!EXPORT:!ADH:!IDEA:!ECDSA:!3DES:!DES:!MD5:!PSK:!RC4:@STRENGTH Best regards, Dirk --- blackpoint GmbH - Friedberger Straße 106b - 61118 Bad Vilbel _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx