Hi,
I am running Server version: Apache/2.4.54 (IUS) on CentOS Linux release 7.9.2009 (Core). I have enabled the SSLCipherSuite based on https://ssl-config.mozilla.org/#server=apache&version=2.4.54&config=intermediate&openssl=1.1.1k&guideline=5.6 in httpd config /etc/httpd/conf.d/ssl.conf
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
LOW: 64 Bit + DES, RC[2,4], MD5 (w/o export) offered (NOT ok)
Triple DES Ciphers / IDEA offered
Obsoleted CBC ciphers (AES, ARIA etc.) offered
Triple DES Ciphers / IDEA offered
Obsoleted CBC ciphers (AES, ARIA etc.) offered
[kaushal@ ~]$ httpd -v
Server version: Apache/2.4.54 (IUS)
Server built: Jul 20 2022 23:47:24
[kaushal@ ~]$
Server version: Apache/2.4.54 (IUS)
Server built: Jul 20 2022 23:47:24
[kaushal@ ~]$
Is there a way to have the Overall rating as A? This server accepts RC4 cipher, but only with older protocols. Grade capped to B as per https://blog.qualys.com/product-tech/2013/03/19/rc4-in-tls-is-broken-now-what?_ga=2.190316584.2048888948.1666268705-2031408266.1660632196
Please guide me. Thanks in advance.
Best Regards,
Kaushal
