summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--2.4/conf/vhosts.d/00_default_ssl_vhost.conf8
1 files changed, 4 insertions, 4 deletions
diff --git a/2.4/conf/vhosts.d/00_default_ssl_vhost.conf b/2.4/conf/vhosts.d/00_default_ssl_vhost.conf
index 538a5cb..d068f61 100644
--- a/2.4/conf/vhosts.d/00_default_ssl_vhost.conf
+++ b/2.4/conf/vhosts.d/00_default_ssl_vhost.conf
@@ -21,17 +21,17 @@ Listen 443
# Enable/Disable SSL for this virtual host.
SSLEngine on
- # TLS defaults are set according to the Mozilla intermediate
- # configuration: https://ssl-config.mozilla.org/
+ # TLS defaults are set according to the Mozilla intermediate
+ # configuration: https://ssl-config.mozilla.org/
## SSLProtocol:
- # Disable old protocol versions that have known flaws or are deprecated.
+ # Disable old protocol versions that have known flaws or are deprecated.
SSLProtocol ALL -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
## SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
- SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
+ SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
## SSLHonorCipherOrder:
# Don't enforce cipher order since all ciphers are strong and