search

libresh / libre.sh

Moved to https://lab.libreho.st/libre.sh/compose.libre.sh
GNU Affero General Public License v3.0
189 stars 22 forks source link

Removes weak ciphers from haproxy config #4

Closed pierreozoux closed 9 years ago

pierreozoux commented 9 years ago

from https://www.ssllabs.com/ssltest/

TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15)   DH 1024 bits (p: 128, g: 1, Ys: 128)   FS   WEAK      56
TLS_RSA_WITH_DES_CBC_SHA (0x9)   WEAK       56
TLS_RSA_WITH_DES_CBC_SHA (0x9)   WEAK       56
TLS_DHE_RSA_WITH_DES_CBC_SHA (0x15)   DH 1024 bits (p: 128, g: 1, Ys: 128)   FS   WEAK      56

And check: http://mozilla.github.io/server-side-tls/ssl-config-generator/ https://wiki.mozilla.org/Security/Server_Side_TLS#Haproxy