Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Configure Apache for a server certificate 128-bit guaranteed (SGC)

A guaranteed 128-bit server certificate allow you to enforce 128-bit connection with some defined browsers. A renegociation of the encypherment level makes it possible. In that case, you have to make an initial weak SSL connection (40-bit) before upgrading it to 128-bit.

Configure the VirtualHost this way:
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:LOW:EXPORT:!EDH:!ADH:!DSS:!SSLv2:+3DES:+DES
SSLProtocol all -SSLv2 -SSLv3 
SSLHonorCipherOrder on   # on apache 2.1+

<Directory /home/votre/virtualhost >
SSLRequire %{SSL_CIPHER_USEKEYSIZE} = 128
</Directory>
This way, your content will only be available in 128-bit.

Useful links