| View previous topic :: View next topic |
| Author |
Message |
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
 Posted: Fri May 02, 2014 2:53 pm Post subject: Enable Forward Secrecy in Apache 2.2 & courier-imap? SOL |
 |
|
Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap?
Last edited by Duncan Mac Leod on Sat Jun 21, 2014 6:42 pm; edited 1 time in total |
|
| Back to top |
|
 |
gerdesj
l33t
Joined: 29 Sep 2005
Posts: 621
Location: Yeovil, Somerset, UK
|
| Posted: Mon May 12, 2014 12:02 pm Post subject: Re: Enable perfect forward secrecy in Apache 2.2 & couri |
|
|
| Duncan Mac Leod wrote: | | Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap? |
I'm 95% sure you need Apache 2.4 to enable PFS. |
|
| Back to top |
|
|
Duncan Mac Leod
Guru
Joined: 02 May 2004
Posts: 310
Location: Germany
|
| Posted: Sat Jun 21, 2014 6:40 pm Post subject: Re: Enable perfect forward secrecy in Apache 2.2 & couri |
|
|
| gerdesj wrote: | | Duncan Mac Leod wrote: | | Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap? |
I'm 95% sure you need Apache 2.4 to enable PFS. |
NO, NOT NEEDED...
I figured out how to make Apache SECURE the right way  with Forward Secrecy AND HTTP Strict Transport Security
| Code: |
SSLProtocol all -SSLv2 -SSLv3
SSLCompression Off
SSLHonorCipherOrder On
SSLCipherSuite "EECDH+AESGCM EDH+AESGCM EECDH -RC4 EDH -CAMELLIA -SEED !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
|
Just testing Forward Secrecy on Courier-IMAP  ... |
|
| Back to top |
|
|
|
Networking & Security
