Configure Apache for a server certificate 128-bit guaranteed (SGC)
A guaranteed 128-bit server certificate allow you to enforce 128-bit connection with some defined browsers. A renegociation of the encypherment level makes it possible. In that case, you have to make an initial weak SSL connection (40-bit) before upgrading it to 128-bit.Configure the VirtualHost this way:
SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:LOW:EXPORT:!EDH:!ADH:!DSS:!SSLv2:+3DES:+DES SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on # on apache 2.1+ <Directory /home/votre/virtualhost > SSLRequire %{SSL_CIPHER_USEKEYSIZE} = 128 </Directory>This way, your content will only be available in 128-bit.
Useful links
Last edited on 06/18/2015 07:36:19 --- [search]