> > and to be clear here: > > a client when connecting to a server configured like below has to respect > the cipher order of the server while > https://www.ssllabs.com/ssltest/ exists for years to give dministrators > of the server some help and which clients are using which cipher >
Just minor nitpicking to get the facts right: A client does never respect the used cipher order of the server. A client offers a number of ciphers and the server chooses one of those, either based on its own order (preferred) or based on the client-preferred order. If you know other programs doing it better, research how they do it and propose a change to PHP please. Regards, Niklas
