Go to English page

ViaThinkSoft CodeLib

Dieser Artikel befindet sich in:
CodeLibHowTos

You can check your server for common problems with SSL/TLS:

https://www.ssllabs.com/ssltest/

In case you get a lower grade because "Forward Secrecy" is not enabled for all browsers, you can do following configuration change in Apache:

Edit /etc/apache2/mods-enabled/ssl.conf :

1. Replace "SSLCipherSuite HIGH:!aNULL"
with
"SSLCipherSuite HIGH:!aNULL:!eNULL:!kECDH:!aDH:!RC4:!3DES:!CAMELLIA:!MD5:!PSK:!SRP:!KRB5:@STRENGTH"

2. Enable the line "SSLHonorCipherOrder on"

3. Additionally, you can add "SSLStaplingCache shmcb:/var/run/ssl_stapling(32768)"
Daniel Marschall
ViaThinkSoft Mitbegründer, Security Management
ViaThinkSoft Co-Founder, Security Management