Web Server: OpenSSL Cipher Suite

From Resin 4.0 Wiki

(Difference between revisions)

Revision as of 00:00, 26 January 2012

Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl> block.

<http port="443">
  ...
  <openssl>
    <certificate-key-file>keys/your_domain.key</certificate-key-file>
    <certificate-file>keys/your_domain.crt</certificate-file>        
    <certificate-chain-file>keys/chain.txt</certificate-chain-file>
    <password>test123</password>
    <cipher-suite>ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM</cipher-suite>
    <protocol>-all +sslv3 +tlsv1</protocol>   
  </openssl>
</http>

Typically this is required for website PCI compliance.

Refer to the Resin SSL documentation for more information.

Revision as of 00:00, 26 January 2012 (view source) Cowan (Talk \| contribs) ← Older edit		Revision as of 00:00, 26 January 2012 (view source) Cowan (Talk \| contribs) Newer edit →
Line 1:		Line 1:
−	{{WebServer}} {{Cookbook}} {{Security}}	+	{{WebServer}} {{Cookbook}} {{Security}} {{Config}}

	Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl> block.		Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl> block.

Web Server: OpenSSL Cipher Suite

From Resin 4.0 Wiki

Revision as of 00:00, 26 January 2012

Views

Personal tools

Navigation

SEARCH

TOOLBOX

LANGUAGES

Search

Toolbox