Best pratices SSL pour apache

Pour faire comprendre à apache que NON, on veut pas nimporte quelle saleté pour chiffrer notre trafic chéri, on utilise les directives SSLProtocol et SSLCipherSuite.

<Virtualhost *:443>
        LogLevel warn
       SSLEngine on
       SSLCertificateFile      /etc/apache2/certs/serveur.crt
       SSLCertificateKeyFile   /etc/apache2/certs/serveur.key
       SSLProtocol -all +SSLv3 +TLSv1
       SSLCipherSuite SSLv3:+HIGH:+MEDIUM:!LOW:!eNULL:!aNULL:!ADH
</VirtualHost>

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
CAPTCHA
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.