Am 09.05.2014 21:57, schrieb Sebastian Goodrick: > On 09.05.2014 14:40, Reindl Harald wrote: >>> For any reason I don't understand, there are ciphers listed twice >>> in the old OpenSSL version but also once in the new version: >>> EXP-RC2-CBC-MD5, EXP-RC4-MD5, RC4-MD5 >> EXP-RC4-MD5 != RC4-MD5 > Obviously. But what is the point of listing both of them twice in > OpenSSL 0.9.8g? > >> ssl_prefer_server_ciphers = yes > This setting is not supported in 2.1.7 (as shipped with Debian Weezy) > >> ssl_cipher_list = >> ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-RSA-CAMELLIA256-SHA:CAMELLIA128-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:!SSLv2 > I > > just gave this cipher list a try, but it didn't change the behaviour > for Win8/Outlook 2013. > >
-- Reindl Harald the lounge interactive design GmbH A-1060 Vienna, Hofmühlgasse 17 CTO / CISO / Software-Development m: +43 (676) 40 221 40, p: +43 (1) 595 3999 33 icq: 154546673, http://www.thelounge.net/ http://www.thelounge.net/signature.asc.what.htm
signature.asc
Description: OpenPGP digital signature
