Facebook
Twitter
JRsz
New Pleskian
Hi,
I want to aloow only strong cipher suits for everything that uses TLS I have a few pages which all use these strong ciphers, but plesk does not adapt to this. domain.tld is fine, but domain.tld:8443 still uses "weaker" cipherSuits.
I already put in the /etc/apache2/mods-available/ssl.conf the following lines:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
This did not affect any cipher suits, but I still have it. What changed the cipher suits on all my sites (except the plesk interface) was the following file /etc/nginx/conf.d/ssl.conf which partially contains the following:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers
"EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
Shouldnt this include all TLS traffic, including everything that is transmitted over domain.tld:8443, so the plesk interface??
I am using Plesk 12.5.30 Update#21 on Ubuntu 14.04 LTS
BR
JRsz
I want to aloow only strong cipher suits for everything that uses TLS I have a few pages which all use these strong ciphers, but plesk does not adapt to this. domain.tld is fine, but domain.tld:8443 still uses "weaker" cipherSuits.
I already put in the /etc/apache2/mods-available/ssl.conf the following lines:
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
This did not affect any cipher suits, but I still have it. What changed the cipher suits on all my sites (except the plesk interface) was the following file /etc/nginx/conf.d/ssl.conf which partially contains the following:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers
"EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
Shouldnt this include all TLS traffic, including everything that is transmitted over domain.tld:8443, so the plesk interface??
I am using Plesk 12.5.30 Update#21 on Ubuntu 14.04 LTS
BR
JRsz
