subject:"\[Dspace\-tech\] Ciphers in server.xml"

Re: [Dspace-tech] Ciphers in server.xml

2015-07-15 Thread Alan Orth

Hey, David.

First, don't worry: TLS cipher suites aren't sensitve, they are anyways
enumerable by any client using a web browser. Here are the cipher suites we
use on the web server that does TLS termination in front of our DSpace
server:

https://github.com/ilri/rmg-ansible-public/blob/master/group_vars/dspace#L22

Furthermore, those ciphers come straight from Mozilla's excellent TLS
Server Security wiki:

https://wiki.mozilla.org/Security/Server_Side_TLS

I'd recommend using the moderate TLS cipher suite from Mozilla's guide.
This should appease your security people.

Alan

On Wed, Jul 15, 2015 at 9:59 PM, Hilton Gibson 
wrote:

> Hi David,
>
> Perhaps this will help:
> http://wiki.lib.sun.ac.za/index.php/SUNScholar/Secure_Internet_Connections/S04#SSL_Ciphers_Notes
> :
>
> Cheers
>
> hg
>
> *Hilton Gibson*
> Ubuntu Linux Systems Administrator
> Stellenbosch University Library
> http://staff.lib.sun.ac.za/~hgibson/docs/cv/cv.html
>
>
> On 15 July 2015 at 20:54, Schuster, David  wrote:
>
>>  At the request of our University security team we added several new
>> ciphers to our Dspace Tomcat7 setup yesterday and now today I received a
>> notification that Google was not able to crawl our site.
>>
>>
>>
>> I don’t understand this part of security so are there any suggestions or
>> comments about this?  Should I remove them?  I hesitate to email the list
>> of ciphers we implemented as I don’t understand that part of networking.
>>
>>
>>
>> David Schuster
>>
>> Texas Woman's University
>>
>> Director of Library Information Technology & Technical Support
>>
>> Phone: 940-898-3909
>>
>> dschus...@twu.edu
>>
>> [image: emailsignature][image: Alma_Certified_Admin_Logo]
>>
>>
>>
>>
>> --
>> Don't Limit Your Business. Reach for the Cloud.
>> GigeNET's Cloud Solutions provide you with the tools and support that
>> you need to offload your IT needs and focus on growing your business.
>> Configured For All Businesses. Start Your Cloud Today.
>> https://www.gigenetcloud.com/
>> ___
>> DSpace-tech mailing list
>> DSpace-tech@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/dspace-tech
>> List Etiquette:
>> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>>
>
>
>
> --
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> ___
> DSpace-tech mailing list
> DSpace-tech@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspace-tech
> List Etiquette:
> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>



-- 
Alan Orth
alan.o...@gmail.com
https://alaninkenya.org
https://mjanja.ch
"In heaven all the interesting people are missing." -Friedrich Nietzsche
GPG public key ID: 0x8cb0d0acb5cd81ec209c6cdfbd1a0e09c2f836c0
--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/___
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette

Re: [Dspace-tech] Ciphers in server.xml

2015-07-15 Thread Hilton Gibson

Hi David,

Perhaps this will help:
http://wiki.lib.sun.ac.za/index.php/SUNScholar/Secure_Internet_Connections/S04#SSL_Ciphers_Notes
:

Cheers

hg

*Hilton Gibson*
Ubuntu Linux Systems Administrator
Stellenbosch University Library
http://staff.lib.sun.ac.za/~hgibson/docs/cv/cv.html


On 15 July 2015 at 20:54, Schuster, David  wrote:

>  At the request of our University security team we added several new
> ciphers to our Dspace Tomcat7 setup yesterday and now today I received a
> notification that Google was not able to crawl our site.
>
>
>
> I don’t understand this part of security so are there any suggestions or
> comments about this?  Should I remove them?  I hesitate to email the list
> of ciphers we implemented as I don’t understand that part of networking.
>
>
>
> David Schuster
>
> Texas Woman's University
>
> Director of Library Information Technology & Technical Support
>
> Phone: 940-898-3909
>
> dschus...@twu.edu
>
> [image: emailsignature][image: Alma_Certified_Admin_Logo]
>
>
>
>
> --
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> ___
> DSpace-tech mailing list
> DSpace-tech@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/dspace-tech
> List Etiquette:
> https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
>
--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/___
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette

[Dspace-tech] Ciphers in server.xml

2015-07-15 Thread Schuster, David

At the request of our University security team we added several new ciphers to 
our Dspace Tomcat7 setup yesterday and now today I received a notification that 
Google was not able to crawl our site.

I don't understand this part of security so are there any suggestions or 
comments about this?  Should I remove them?  I hesitate to email the list of 
ciphers we implemented as I don't understand that part of networking.

David Schuster
Texas Woman's University
Director of Library Information Technology & Technical Support
Phone: 940-898-3909
dschus...@twu.edu
[emailsignature][Alma_Certified_Admin_Logo]

--
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/___
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette

Re: [Dspace-tech] Ciphers in server.xml

Re: [Dspace-tech] Ciphers in server.xml

[Dspace-tech] Ciphers in server.xml

3 matches

Site Navigation

Mail list logo

Footer information