Hi I am trying to reconfig the ssl setup on a reverse proxy set https_port 2.7.3.1:443 accel cert=/etc/httpd/conf.d/office.xyz.com.crt key=/etc/httpd/conf.d/office.xyz.com.key dhparams=/etc/httpd/conf.d/office.xyz.com.dhparam defaultsite=office.yieldbroker.com options=NO_SSLv2,NO_SSLv3 cipher=ALL:!SSLv2:!SSLv3@STRENGTH But I only get a limited list of ciphers, completely different from openssl ciphers 'ALL:!SSLv2:!SSLv3@STRENGTH' in fact it doesn't seem to look at the cipher option at all and pointers on what I am doing wrong right now I am left with https_port 2.7.3.1:443 accel cert=/etc/httpd/conf.d/office.xyz.com.crt key=/etc/httpd/conf.d/office.xyz.com.key dhparams=/etc/httpd/conf.d/office.xyz.com.dhparam defaultsite=office.yieldbroker.com options=NO_SSLv2,NO_SSLv3 but https://www.ssllabs.com/ssltest/ gives me an A- .. no PFS. thanks Alex _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
