DevHeads.net

disabling RC4 in apache 2.2.x

hello

:RC4+RSA: appears in SSLCipherSuite of apache 2.2.15's ssl.conf

to disable RC4, will this be enough:

:!RC4+RSA:

or a different syntax is needed?

thank you,
F-

Comments

Re: disabling RC4 in apache 2.2.x

By Daniel at 01/11/2018 - 15:10

check the output of your cipher-spec changes easily with:

openssl ciphers -v 'XXXXX:!RC4+RSA:XXXXXX'

2018-01-11 0:27 GMT+01:00 FHDATA < ... at unm dot edu>:

Re: disabling RC4 in apache 2.2.x

By FHDATA at 01/11/2018 - 17:00

bob=$(egrep "^SSLCipherSuite " /etc/httpd/conf.d/ssl.conf)

openssl ciphers -v $bob
<lists all the ciphers>

openssl ciphers -v $bob| egrep -iv rc4
<no output>

i assume that's all good then ...

thank you
F-