[SERVER-14145] Restrict supported cipher over ssl Created: 03/Jun/14 Updated: 10/Dec/14 Resolved: 03/Jun/14 |
|
| Status: | Closed |
| Project: | Core Server |
| Component/s: | Security |
| Affects Version/s: | 2.4.8 |
| Fix Version/s: | None |
| Type: | Question | Priority: | Major - P3 |
| Reporter: | Erik Sodervall | Assignee: | Unassigned |
| Resolution: | Duplicate | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Participants: | |||||||||
| Description |
|
Hi, Is there a way to restrict the supported ciphers over ssl? -Erik Apache conf would look like this: |
| Comments |
| Comment by Eric Milkie [ 03/Jun/14 ] |
|
See |
| Comment by Eric Milkie [ 03/Jun/14 ] |
|
Today, the Cipher Suite is always restricted to "HIGH:!EXPORT:!aNULL@STRENGTH". There is no way to change this value unless you recompile the server. |