|
|
|
52 |
# SSL Cipher Suite: |
53 |
# List the ciphers that the client is permitted to negotiate. See the |
54 |
# ciphers(1) man page from the openssl package for list of all available |
55 |
# options. |
56 |
# The value "SSLCipherSuite" has been set via UCR variable "apache2/ssl/ciphersuite" |
57 |
@!@ |
58 |
if configRegistry.get('apache2/ssl/ciphersuite'): |
59 |
print 'SSLCipherSuite %s' % configRegistry.get('apache2/ssl/ciphersuite') |
60 |
@!@ |
61 |
|
62 |
# SSLHonorCipherOrder |
63 |
# Option to prefer the server's cipher preference order |
64 |
# When choosing a cipher during an SSLv3 or TLSv1 handshake, normally the |
65 |
# client's preference is used. If this directive is enabled, |
66 |
# the server's preference will be used instead. |
67 |
# Default: SSLHonorCipherOrder off |
68 |
# The value "SSLHonorCipherOrder" has been set via UCR variable "apache2/ssl/honorcipherorder" |
69 |
@!@ |
70 |
if configRegistry.get('apache2/ssl/honorcipherorder'): |
71 |
print 'SSLHonorCipherOrder %s' % configRegistry.get('apache2/ssl/honorcipherorder') |
72 |
@!@ |
73 |
|
74 |
# SSLCompression |
75 |
# This directive allows to enable compression on the SSL level. |
76 |
# Default: SSLCompression off |
77 |
# Warning: Enabling compression causes security issues in most setups (the so called CRIME attack). |
78 |
# The value "SSLCompression" has been set via UCR variable "apache2/ssl/compression" |
79 |
@!@ |
80 |
if configRegistry.get('apache2/ssl/compression'): |
81 |
print 'SSLCompression %s' % configRegistry.get('apache2/ssl/compression') |
82 |
@!@ |
83 |
|