Skip to content
Commit d7efe881 authored by William A. Rowe Jr's avatar William A. Rowe Jr
Browse files

Change the SSLCipherSuite default to a shorter, whitelist oriented

definition.

Disable AECDH ciphers in example config by using !aNULL (which includes
all ciphers without authentication.

PR: 51363
Submitted by: rjung, kbrand, Rob Stradling <rob comodo com>
Backports: r966160, r1135234, r1203752 

Fix up some SSL configuration, per issue #49484. IE6 had a hotfix released
for this problem quite a while back (see kb 921090), so restrict the
modified behavior to the old/unsupported browsers.
* docs/conf/extra/http-ssl.conf.in:
  (): tighten up the regex to only select old MSIE browsers for the
    downgrade in http behavior. this allows IE6 to run much faster.
* Make the MSIE BrowserMatch regexp fit for MSIE 10. Remove useless '.*'

Backports: r966055, r1132793
Submitted by: gstein, sf

Reviewed by: wrowe, rjung, gsmith


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.0.x@1497156 13f79535-47bb-0310-9956-ffa450edef68
parent 1c9269b5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment