George Wash wrote:
Using mod_nss version 1.0.12-1.fc23 on fedora
Is there a way to specify the ordering if of suites in the
NSSCipherSuites directive?
No, NSS doesn't allow custom ordering of suites. It orders them on its
own strength calculations.
rob
I have done some testing with curl,
For example:____
Client asserts: rsa_aes_256_sha, rsa_aes_128_sha____
Server Accepts: +rsa_aes_256_sha,+rsa_aes_128_sha____
Negotiated: rsa_aes_128_sha____
__ __
Client asserts: rsa_aes_128_sha, rsa_aes_256_sha____
Server Accepts: +rsa_aes_256_sha,+rsa_aes_128_sha____
Negotiated: rsa_aes_128_sha____
__ __
__ __
Client asserts: rsa_aes_256_sha, rsa_aes_128_sha____
Server Accepts: +rsa_aes_128_sha, +rsa_aes_256_sha,____
Negotiated: rsa_aes_128_sha____
__ __
Client asserts: rsa_aes_128_sha, rsa_aes_256_sha____
Server Accepts: +rsa_aes_128_sha, +rsa_aes_256_sha,____
Negotiated: rsa_aes_128_sha____
__ __
Control test:____
Client asserts: rsa_aes_256_sha____
Server Accepts: +rsa_aes_128_sha, +rsa_aes_256_sha,____
Negotiated: rsa_aes_256_sha
Thanks
_______________________________________________
Mod_nss-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/mod_nss-list
_______________________________________________
Mod_nss-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/mod_nss-list
