From: Ben Laurie Date: Sat, 11 Jun 2005 16:26:01 +0000 (+0000) Subject: Note on ciphersuites. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=451131ff76b1feaa713bc3656a3e342f2e0d490a;p=thirdparty%2Fapache%2Fhttpd.git Note on ciphersuites. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/fips-dev@190145 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/README-FIPS b/README-FIPS index 14aab82cae3..93b405c2b53 100644 --- a/README-FIPS +++ b/README-FIPS @@ -38,3 +38,11 @@ code). Certificates: must be signed using SHA-1. Passwords: must be SHA-1 hashed. + +httpd.conf: + +SSLProtocol +TLSv1 + +SSLCipherSuite DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHAEXP1024-DHE-DSS-DES-CBC-SHA:EXP1024-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA + +The cipher suites can, of course, be a subset of the above.