On Tue, 25 Aug 2009, Dave wrote:
> I've got a client who wants to go ssl. He's running a web server,
> smtp/pop, and ftps and imaps is coming as well. I'm looking for a
> wildcard ssl certificate i believe it's called but one on the budget
> plan. I am also wanting to ensure that the mod_ssl with httpd on the
> server is only using the strongest encryption methods and protocols.
RapidSSL will see you a wildcard certificate for about $200:
http://www.rapidssl.com/ssl-certificate-products/rapidssl/usd/wildcard-ssl-certificate.htm
Configuring mod_ssl for decent crypto is pretty easy. This recipe has
worked well for me:
SSLProtocol +SSLv3 +TLSv1
SSLCipherSuite HIGH:MEDIUM
You can see what you're getting by using the "openssl ciphers"
command, e.g.,
openssl ciphers -v 'MEDIUM:HIGH'
--
Paul Heinlein <> heinlein@xxxxxxxxxx <> www.madboa.com
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
