> > $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA > > DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) > > Mac=SHA1 > > > > $ openssl ciphers -v AES128-SHA256 > > AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) > > Mac=SHA256 > > > >Does your application need to perform faster, offer forward-secrecy, be > >most interoperable, ... ? > > these was the result of using 2 different browsers with the same SSL > website ... > (1) an old firefox > (2) the latest IE - IE11 on Win 8.1 > > https://ssl.mathemainzel.info/info/ > you can try your browser ... > > how would I define forward-secrecy on Apache webserver?
If the server negotiated both ciphers, it already supports forward-secrecy (aka PFS) if the client does too. -- Viktor. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org