summaryrefslogtreecommitdiffstats
path: root/contrib/nssciphersuite
Commit message (Collapse)AuthorAgeFilesLines
* pylint: enable the import-error checkJan Cholasta2016-10-241-1/+4
| | | | | | | | | | Check for import errors with pylint to make sure new python package dependencies are not overlooked. https://fedorahosted.org/freeipa/ticket/6418 Reviewed-By: Petr Spacek <pspacek@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
* Modernize mod_nss's cipher suitesChristian Heimes2016-02-112-0/+183
The list of supported TLS cipher suites in /etc/httpd/conf.d/nss.conf has been modernized. Insecure or less secure algorithms such as RC4, DES and 3DES are removed. Perfect forward secrecy suites with ephemeral ECDH key exchange have been added. IE 8 on Windows XP is no longer supported. The list of enabled cipher suites has been generated with the script contrib/nssciphersuite/nssciphersuite.py. TLS_RSA_WITH_AES_128_CBC_SHA256 TLS_RSA_WITH_AES_256_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_GCM_SHA256 TLS_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_AES_256_GCM_SHA384 TLS_RSA_WITH_AES_256_CBC_SHA https://fedorahosted.org/freeipa/ticket/5589 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Martin Basti <mbasti@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-21 08:48:49 +0000