Open yangm97 opened 5 years ago
I've automated ecdh parameters as the default when nothing is supplied in the listener's configuration. I'm disappointed this is not done by boost::asio::ssl.
Still, I show trouble with
IE 11 / Win Phone 8.1 R | RSA 2048 (SHA256) | TLS 1.2 | TLS_RSA_WITH_AES_128_CBC_SHA256 No FS
I'm not sure why that is downgrading to a non-FS cipher.
https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#25-use-forward-secrecy