diff options
Diffstat (limited to 'docs/manual/ssl/ssl_howto.html.en')
| -rw-r--r-- | docs/manual/ssl/ssl_howto.html.en | 15 |
1 files changed, 6 insertions, 9 deletions
diff --git a/docs/manual/ssl/ssl_howto.html.en b/docs/manual/ssl/ssl_howto.html.en index 1c40482aab..fc4be6d5df 100644 --- a/docs/manual/ssl/ssl_howto.html.en +++ b/docs/manual/ssl/ssl_howto.html.en @@ -68,21 +68,18 @@ only?</a></h3> <p>The following enables only the strongest ciphers:</p> <div class="example"><h3>httpd.conf</h3><p><code> - SSLProtocol all -SSLv2<br /> - SSLCipherSuite HIGH:!aNULL:!EXP:!MD5:!NULL<br /> + SSLCipherSuite HIGH:!aNULL:!MD5<br /> </code></p></div> - <p>While with the following configuration you enable two ciphers - which are resonably secure, and fast:</p> + <p>While with the following configuration you specify a preference + for specific speed-optimized ciphers (which will be selected by + mod_ssl, provided that they are supported by the client):</p> <div class="example"><h3>httpd.conf</h3><p><code> - SSLProtocol all -SSLv2<br /> - SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!EXP:!MD5:!NULL<br /> + SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5<br /> SSLHonorCipherOrder on </code></p></div> - <p>This strongly reflects the default value of <code class="directive"><a href="../mod/mod_ssl.html#sslciphersuite">SSLCipherSuite</a></code> and is the recommanded way to configure it.</p> - <h3><a name="strongurl" id="strongurl">How can I create an SSL server which accepts all types of ciphers in general, but requires a strong ciphers for access to a particular @@ -101,7 +98,7 @@ URL?</a></h3> <Location /strong/area><br /> # but https://hostname/strong/area/ and below<br /> # requires strong ciphers<br /> - SSLCipherSuite HIGH:!aNULL:!EXP:!MD5:!NULL<br /> + SSLCipherSuite HIGH:!aNULL:!MD5<br /> </Location> </code></p></div> |