The world awaits...

More updated SSL tricks

Back on November 24th I updated SSL for an Apache server. As I'm playing around with lighttpd, I decided to do the same for it. Here's the configuration I came up with for a FreeBSD machine:

ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:HIGH:!MD5:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4"

Results in

New, TLSv1/SSLv3, Cipher is DHE-RSA-CAMELLIA256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
Protocol : TLSv1

originally published at

This article was updated on 2020/03/14 15:54:18