1st. I activated SSL in menu, and then following:
In following path i set following changes:
/etc/httpd/conf.d/ssl.conf
Code: Select all
#ssl Honor ciper order
SSLHonorCipherOrder on
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLCipherSuite "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"
# Certificate Authority (CA):
# Set the CA certificate verification path where to find CA
# certificates for client authentication or alternatively one
# huge file containing all of them (file must be PEM encoded)
SSLCACertificateFile /etc/pki/tls/certs/ca-bundle.crt
into /etc/pki/tls/certs/ca-bundle.crt i have pasted ca-bundle from StartSSL
After this I tested against https://www.ssllabs.com/ssltest/