Hi,
I've just switched my webserver from 5.6/nginx to 5.7/httpd and was
testing my TLS setup using SSL Labs[1]. The SSL Labs test indicates that
my setup doesn't support forward secrecy. Is this not implemented in
the 5.7 version of httpd or is my configuration wrong (included below)?
OS: OpenBSD 5.7-stable AMD64
Kind regards,
Martijn Rijkeboer
--- /etc/httpd.conf ---
ext_addr="*"
server "www.bunix.org" {
listen on $ext_addr tls port 443
tls certificate "/etc/ssl/www.bunix.org.crt.pem"
tls key "/etc/ssl/private/www.bunix.org.key.pem"
connection {
max requests 500
timeout 3600
}
root "/htdocs/www.bunix.org"
}
types {
include "/usr/share/misc/mime.types"
}
---------
[1] https://www.ssllabs.com/ssltest/
