harden default ssl settings
Bug #1358305 reported by
Christoph_vW
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| apache2 (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Bug Description
Apache 2 default ssl configuration should be hardened to get better overall ssl security
my proposal:
/etc/apache2/
SSLHonorCipherOrder on
SSLCipherSuite ECDHE-RSA-
SSLProtocol all -SSLv2 -SSLv3
SSLUseStapling on
SSLStaplingResp
SSLStaplingRetu
SSLStaplingCache shmcb:/
Revision history for this message
| Robie Basak (racb) wrote | #1 |
| tags: | added: needs-upstream-report |
| Changed in apache2 (Ubuntu): | |
| importance: | Undecided → Medium |
Revision history for this message
| Pierre Schweitzer (pierre-jean-schweitzer) wrote | #2 |
Revision history for this message
| Launchpad Janitor (janitor) wrote | #3 |
| Changed in apache2 (Ubuntu): | |
| status: | New → Fix Released |
To post a comment you must log in.
Thank you for taking the time to report this bug and helping to make Ubuntu better.
This sort of change should be coordinated with Debian. Please could you check behaviour on Debian (sid), and if appropriate then file a bug there?