harden default ssl settings
Bug #1358305 reported by
Christoph_vW
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Apache 2 default ssl configuration should be hardened to get better overall ssl security
my proposal:
/etc/apache2/
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-
SSLProtocol all -SSLv2 -SSLv3
SSLUseStapling on
SSLStaplingResp
SSLStaplingRetu
SSLStaplingCache shmcb:/
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better.
This sort of change should be coordinated with Debian. Please could you check behaviour on Debian (sid), and if appropriate then file a bug there?