Security
you can test your security weakness about TLS/SSL.
I get a grade B because in this section
> Cipher Suites (sorted by strength; the server has no preference)
TLSRSAWITHDESCBC_SHA (0x9) WEAK 56
TLSDHERSAWITHDESCBCSHA (0x15) DH 1024 bits (p: 128, g: 1, Ys: 128) FS WEAK 56
As you can see I get weak ciher.
How can I disable this cipher?
2 Replies
> SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT
@sblantipodi:
solved with this in ssl.conf.
> SSLProtocol -ALL +SSLv3 +TLSv1SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT
I'd ditch SSLv3 entirely and just use TLS 1.0, 1.1 and 1.2.