Mantis - Resin
|
|||||
Viewing Issue Advanced Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
5906 | minor | always | 05-15-15 19:26 | 06-08-15 14:29 | |
|
|||||
Reporter: | alex | Platform: | |||
Assigned To: | ferg | OS: | |||
Priority: | normal | OS Version: | |||
Status: | closed | Product Version: | 4.0.43 | ||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | 4.0.45 | ||
|
|||||
Summary: | 0005906: support ciphers offering Forward Secrecy | ||||
Description: |
rep by Nick Stephens, Add support for Forward Secrecy: test-tool: https://testssl.sh/ [^] E.g. of Resin Output --> Testing (perfect) forward secrecy, (P)FS -- omitting 3DES, RC4 and Null Encryption here Not OK: No ciphers supporting Forward Secrecy offered e.g. of Nginx output build on the same machine using the same certificates: OK: PFS is offered. Client/browser support is important here. Offered PFS server ciphers follow... Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits ------------------------------------------------------------------------- xc030 ECDHE-RSA-AES256-GCM-SHA384 ECDH AESGCM 256 xc028 ECDHE-RSA-AES256-SHA384 ECDH AES 256 xc014 ECDHE-RSA-AES256-SHA ECDH AES 256 xc027 ECDHE-RSA-AES128-SHA256 ECDH AES 128 xc013 ECDHE-RSA-AES128-SHA ECDH AES 128 xc011 ECDHE-RSA-RC4-SHA ECDH RC4 128 openssl/ciphersuite for Resin and Nginx set to the same: ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-RC4-SHA ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA-AES128-SHA256 ECDHE-ECDSA-DES-CBC3-SHA EC\ DHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA ECDHE-RSA-RC4-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA RC4-SHA RC4-MD5 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA AES256-GCM-SHA384 AES256\ -SHA256 AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-DES-CBC3-SHA DES-CBC3-SHA |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Relationships | |||||
Attached Files: |
There are no notes attached to this issue. |