On Thu, Dec 17, 2009 at 6:21 PM, Justin Pasher
wrote:
> François Beaune wrote:
[snip]
> I'm still getting the same list, even if I use the SSLCipherSuite you
>> suggested, so it's clearly not used.
>>
>> On my side (in my subdomain's configurat
On Wed, Dec 16, 2009 at 7:00 PM, Justin Pasher
wrote:
[snip]
Here is the SSLCipherSuite directive that I use on my servers to lock out
> insecure ciphers:
>
> SSLCipherSuite AES256-SHA:DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5
>
> Try setting your config to this value. Obviously this is different t
On Wed, Dec 16, 2009 at 5:03 PM, Justin Pasher
wrote:
> François Beaune wrote:
>
>> Hey Justin,
>>
>> Thanks for your answer. I did add the various versions of the
>> SSLCipherSuite directive to my virtual host container, sorry if that wasn't
>> clea
good. Still,
I don't understand why this doesn't happen with Firefox (it always uses AES
256, which shouldn't be allowed, if I understand things correctly). Any
clue?
Cheers,
Franz
On Tue, Dec 15, 2009 at 8:26 PM, Justin Pasher
wrote:
> François Beaune wrote:
>
>> H
Hello,
I have a setup where Apache 2.2.3 is serving a large SVN repository with
WebDAV over HTTPS (using basic authentication).
Everything is working correctly; I would simply like to force usage of
faster cipher algorithms (trading some security in favor of speed) than what
seems to be allowed