diff options
| author | Julien Vehent <julien@linuxwall.info> | 2015-08-28 16:56:30 -0400 |
|---|---|---|
| committer | Julien Vehent <julien@linuxwall.info> | 2015-08-28 16:56:30 -0400 |
| commit | 3d9af133436b54a20cc03116bb81c7700db296ce (patch) | |
| tree | a811a2a3b0f8a5a0cace8d09fa6173c1c589f5c8 | |
| parent | b915b26f935572e72498bb7355fe40a447bf4a89 (diff) | |
| download | server-side-tls-3d9af133436b54a20cc03116bb81c7700db296ce.zip server-side-tls-3d9af133436b54a20cc03116bb81c7700db296ce.tar.gz server-side-tls-3d9af133436b54a20cc03116bb81c7700db296ce.tar.bz2 | |
Add ECDHE-3DES ciphers to intermediate level
| -rw-r--r-- | Server_Side_TLS.mediawiki | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Server_Side_TLS.mediawiki b/Server_Side_TLS.mediawiki index cc1a2f8..901cd42 100644 --- a/Server_Side_TLS.mediawiki +++ b/Server_Side_TLS.mediawiki @@ -42,7 +42,7 @@ For services that don't need backward compatibility, the parameters below provid == <span style="color:orange;">'''Intermediate'''</span> compatibility (default) == For services that don't need compatibility with legacy clients (mostly WinXP), but still need to support a wide range of clients, this configuration is recommended. It is is compatible with Firefox 1, Chrome 1, IE 7, Opera 5 and Safari 1. -* Ciphersuite: '''ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA''' +* Ciphersuite: '''ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA''' * Versions: '''TLSv1, TLSv1.1, TLSv1.2''' * RSA key size: '''2048''' * DH Parameter size: '''2048''' (see [[Security/Server_Side_TLS#DHE_and_Java|DHE and Java]] for details) |