centos 6.5. How to disable RC4?

M

mr_blond972015-08-24 18:40:48

CentOS

mr_blond97, 2015-08-24 18:40:48

It is necessary to disable RC4 on two servers with centos7 and centos 6.5
On centos 7, I open /etc/httpd/conf.modules.d/00-ssl.conf, write to the file:

LoadModule ssl_module modules/mod_ssl.so
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+aRSA256 +RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"

I restart apache. The config works, -SSLv3 and RC4 are disabled.
On centos 6.5 /etc/httpd/conf.d/ssl.conf, I write:

SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"

I restart Apache, -SSLv3 is disabled, RC4 is enabled. How to disable RC4?

Reply

Answer the question

In order to leave comments, you need to log in

0 answer(s)