[Ach] Disabling anonymous ciphers
christian at rishoj.net
Mon Jan 6 12:12:10 CET 2014
Using the SSLCipherSuite and SSLProtocol directives from https://github.com/BetterCrypto/duraconf/blob/master/configs/apache2/https-hsts.conf, my Apache server scores "F" on https://www.ssllabs.com/ssltest/analyze.html, with the reason
> This server supports anonymous (insecure) suites (see below for details). Grade set to F.
The anonymous ciphers are:
Did I screw up? If not, I think the guide could use either a correction or an explanation.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Ach