[stunnel-users] enforcing minimum cipher set available
auto403973 at hushmail.com
auto403973 at hushmail.com
Wed Dec 29 07:48:26 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
is there a way (perhaps using extended 'options' section?), to
enforce a minimum cipher strength / type for the connecting client?
a solution would be to use apache 2's sslproxy to stunnel (yikes),
but stunnel rocks :)
apache / mod_ssl - from httpd.conf
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:-
SSLv2:+EXP:+eNULL
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4
wkYEARECAAYFAkHSUs4ACgkQdgNHoxEs/oi+2ACfYPDjijulcO0luIPfV2oYZ4aLWdAA
niumLVXQRaEEK12TO5EF12e9ay/b
=aNe8
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434
Promote security and make money with the Hushmail Affiliate Program:
http://www.hushmail.com/about-affiliate?l=427
More information about the stunnel-users
mailing list