OpenSSL Cipher Suite
From Resin 3.0
(Difference between revisions)
(New page: Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl>block. <pre> <http port="443"> ... <openssl> <certificate-key-file>keys/...) |
|||
| Line 1: | Line 1: | ||
| − | Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl>block. | + | Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl> block. |
<pre> | <pre> | ||
Revision as of 21:17, 9 December 2011
Modifying OpenSSL to specify allowed cipher suites and protocols can be done in resin.xml, in the <openssl> block.
<http port="443">
...
<openssl>
<certificate-key-file>keys/your_domain.key</certificate-key-file>
<certificate-file>keys/your_domain.crt</certificate-file>
<certificate-chain-file>keys/chain.txt</certificate-chain-file>
<password>test123</password>
<cipher-suite>ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM</cipher-suite>
<protocol>-all +sslv3 +tlsv1</protocol>
</openssl>
</http>
Typically this is requires for webserver PCI compliance.
Refer to [Resin SSL documentation] for more information.
