Update: Practical recommendations - Webservers: CipherStrings match old CipherString...
[ach-master.git] / src / configuration / Webservers / Cherokee / cherokee.conf
index 9fd94c4..f997782 100644 (file)
@@ -52,7 +52,7 @@ vserver!1!rule!1!match = default
 vserver!1!ssl_certificate_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
 vserver!1!ssl_certificate_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
 vserver!1!ssl_cipher_server_preference = 1
-vserver!1!ssl_ciphers = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA
+vserver!1!ssl_ciphers = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA
 vserver!1!ssl_compression = 0
 vserver!1!ssl_dh_length = 2048