version: 2015-01-26 OS: CentOS release 6.6 (Final) updated 2015-01-26 Apache: 2.2.15-39.el6.centos OpenSSL: 1.0.1e-30.el6_6.5 # Rationale: # SHA384 = SHA256, SHA256 > SHA # GCM > CBC # ECDHE > DHE # AES256 > AES128 # # Include all ciphers needed to support popular browsers according to ssllabs.com, and sort according to above rules, # ... expect for IE on XP and Java 6 - enough is enough # # Don't include ECDSA modes, because we don't have a ECDSA certificate # Don't include non-Forward-Secrecy (non-Ephemeral) modes, as a matter of principle. We want our communications to # be secure now and also after Eve has broken our RSA keys and goes through her archive or recorded SSL conversations. # # openssl ciphers | tr : "\n" | egrep ^ECDHE-ECDSA # ECDHE-ECDSA-AES256-GCM-SHA384 # ECDHE-ECDSA-AES128-GCM-SHA256 # ECDHE-ECDSA-AES256-SHA384 # ECDHE-ECDSA-AES128-SHA256 # ECDHE-ECDSA-AES256-SHA # ECDHE-ECDSA-AES128-SHA # ECDHE-ECDSA-DES-CBC3-SHA -- hell no! # ECDHE-ECDSA-RC4-SHA -- hell no! # openssl ciphers | tr : "\n" | egrep ^ECDHE-RSA # ECDHE-RSA-AES256-GCM-SHA384 # ECDHE-RSA-AES128-GCM-SHA256 # ECDHE-RSA-AES256-SHA384 # ECDHE-RSA-AES128-SHA256 # ECDHE-RSA-AES256-SHA # ECDHE-RSA-AES128-SHA # ECDHE-RSA-DES-CBC3-SHA --- hell no # ECDHE-RSA-RC4-SHA --- hell no # openssl ciphers | tr ':' "\n" | grep ^DHE-RSA # DHE-RSA-AES256-GCM-SHA384 # DHE-RSA-AES128-GCM-SHA256 # DHE-RSA-AES256-SHA256 # DHE-RSA-AES128-SHA256 # DHE-RSA-AES256-SHA # DHE-RSA-AES128-SHA # DHE-RSA-CAMELLIA256-SHA --- ? # DHE-RSA-SEED-SHA --- ? # DHE-RSA-CAMELLIA128-SHA --- ? # test the modes string: # openssl ciphers -v "ECDH+aRSA+AESGCM:EDH+aRSA+AESGCM:ECDH+aRSA+AES -SHA:EDH+aRSA+AES -SHA:ECDH+aRSA+AES+SHA:EDH+aRSA+AES+SHA" # # ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD # ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD # DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD # DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD # ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384 # ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256 # DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256 # DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256 # ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1 # ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1 # DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1 # DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1 # Apache config ############################################################### SSLEngine on # This enables TLS1.0 TLS1.1, TLS1.2 and disables SSLv3 and SSLv2, which are known to be broken SSLProtocol +All -SSLv2 -SSLv3 SSLCipherSuite \ ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:\ DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:\ ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:\ DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:\ ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:\ DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA # on my machine this is also equivalent to the shorter # SSLCipherSuite "ECDH+aRSA+AESGCM : EDH+aRSA+AESGCM : ECDH+aRSA+AES -SHA : EDH+aRSA+AES -SHA : ECDH+aRSA+AES+SHA : EDH+aRSA+AES+SHA" # Add " : kRSA+aRSA+AES" to also support more legacy stuff like IE8 on Windows XP, but without Forward Secrecy SSLHonorCipherOrder on # Available in Apache 2.2.24 and later. Disable it. SSLCompression off ###################################