Submitted by rthomas on Fri, 06/10/2016 - 14:40 Pro Licensee
Where do I turn off RC4 server-wide in SSL?
Status: Active
Comments
Submitted by andreychek on Fri, 06/10/2016 - 15:13 Comment #1
Howdy -- there's a variety of ways to do that, and which to use depends on what browsers you wish to support.
In general, the goal is to add a "SSLCipherSuite" line to /etc/httpd/conf/httpd.conf, and ensure that it contains ":!RC4:", meaning no RC4.
One such example I saw in the Qualys forums would be to use "HIGH:!aNULL:!eNULL:!kECDH:!aDH:!RC4:!3DES:!CAMELLIA:!MD5:!PSK:!SRP:!KRB5:@STRENGTH" as your SSLCipherSuite.
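A static check for the rule in the reply above, added here as an example and not part of the original thread: it scans Apache config text for active SSLCipherSuite directives and reports whether each one contains a literal `!RC4` token. The function name `audit_rc4` and the sample config are constructed for illustration; the second directive shows why `-RC4` alone is not enough, since OpenSSL lets a later token add the cipher back.

```python
import re
import shlex

# Constructed sample config (not from the thread). Line 2 is the string quoted
# above; line 5 only soft-removes RC4 with "-RC4" and later adds it back.
SAMPLE_CONF = '''\
# global section
SSLCipherSuite HIGH:!aNULL:!eNULL:!kECDH:!aDH:!RC4:!3DES:!CAMELLIA:!MD5:!PSK:!SRP:!KRB5:@STRENGTH
<VirtualHost *:443>
    SSLEngine on
    SSLCipherSuite "ALL:-RC4:+MEDIUM:RC4-SHA"
</VirtualHost>
#SSLCipherSuite HIGH:!RC4
'''

# Active (uncommented) directive lines only; Apache directive names are case-insensitive.
DIRECTIVE = re.compile(r'^\s*SSLCipherSuite\s+(.+)$', re.IGNORECASE)


def audit_rc4(conf_text):
    """Return (line_no, cipher_string, rc4_excluded) per active SSLCipherSuite.

    rc4_excluded is True only when the string has a literal "!RC4" token, the
    OpenSSL syntax for permanent removal ("-RC4" can be undone by a later token).
    """
    results = []
    for line_no, line in enumerate(conf_text.splitlines(), 1):
        match = DIRECTIVE.match(line)
        if not match:
            continue
        args = shlex.split(match.group(1))  # strips optional quotes
        if not args:
            continue
        # Apache 2.4.36+ accepts an optional protocol argument first; the
        # TLSv1.3 suite list has no RC4 suites, so it is not checked here.
        if len(args) > 1 and args[0].lower() == 'tlsv1.3':
            continue
        spec = args[-1]
        tokens = re.split(r'[:, ]+', spec)  # OpenSSL separators
        results.append((line_no, spec, '!RC4' in tokens))
    return results


if __name__ == '__main__':
    for line_no, spec, ok in audit_rc4(SAMPLE_CONF):
        print(f"line {line_no}: {'ok' if ok else 'RC4 NOT excluded'}: {spec}")
```

To audit a real server, pass the contents of /etc/httpd/conf/httpd.conf and any included vhost files to `audit_rc4`; a file with no active directive inherits the build's default cipher list, which this check does not evaluate.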