|
Line 52
Link Here
|
|
|
52 |
# SSL Cipher Suite: |
| 53 |
# List the ciphers that the client is permitted to negotiate. See the |
| 54 |
# ciphers(1) man page from the openssl package for list of all available |
| 55 |
# options. |
| 56 |
# The value "SSLCipherSuite" has been set via UCR variable "apache2/ssl/ciphersuite" |
| 57 |
@!@ |
| 58 |
if configRegistry.get('apache2/ssl/ciphersuite'): |
| 59 |
print 'SSLCipherSuite %s' % configRegistry.get('apache2/ssl/ciphersuite') |
| 60 |
@!@ |
| 61 |
|
| 62 |
# SSLHonorCipherOrder |
| 63 |
# Option to prefer the server's cipher preference order |
| 64 |
# When choosing a cipher during an SSLv3 or TLSv1 handshake, normally the |
| 65 |
# client's preference is used. If this directive is enabled, |
| 66 |
# the server's preference will be used instead. |
| 67 |
# Default: SSLHonorCipherOrder off |
| 68 |
# The value "SSLHonorCipherOrder" has been set via UCR variable "apache2/ssl/honorcipherorder" |
| 69 |
@!@ |
| 70 |
if configRegistry.get('apache2/ssl/honorcipherorder'): |
| 71 |
print 'SSLHonorCipherOrder %s' % configRegistry.get('apache2/ssl/honorcipherorder') |
| 72 |
@!@ |
| 73 |
|
| 74 |
# SSLCompression |
| 75 |
# This directive allows to enable compression on the SSL level. |
| 76 |
# Default: SSLCompression off |
| 77 |
# Warning: Enabling compression causes security issues in most setups (the so called CRIME attack). |
| 78 |
# The value "SSLCompression" has been set via UCR variable "apache2/ssl/compression" |
| 79 |
@!@ |
| 80 |
if configRegistry.get('apache2/ssl/compression'): |
| 81 |
print 'SSLCompression %s' % configRegistry.get('apache2/ssl/compression') |
| 82 |
@!@ |
| 83 |
|