Hacker News new | past | comments | ask | show | jobs | submit login

Here's a sample nginx config that would prefer PFS over other key exchanges if the client supports it and is not vulnerable to the BEAST attack:

  ssl_ciphers EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5
Source: http://stackoverflow.com/questions/17308690/how-do-i-enable-...



Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: