Colony.three via openssl-users wrote:I've set mine to test this comprehensively. (Apache and NginX) WithApache Firefox -ignores- server-prescribed ciphers and chooses an EC.NginX does properly prevail with the algo. Was this an accident, Apache?I'd suggest to read the Apache httpd docs first:
So you think I didn't use this.
For those who are aware, I implied this by intentionally using the word 'insist' WRT NginX. I could have overtly said what proper options I'd used for every case in every instance, but I was hoping ppl here would see.
This is why I believe this is not an accident.
Hear about the HP keylogging case recently? Do you think a keylogger is actually used in testing of a keyboard driver, in practice?
How about you actually try SSLHonorCipherOrder on in Apache, Michael, and try the different cipher combinations? Let us know how it works out.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
