Versions Compared

Old Version 24

changes.mady.by.user Leif Hedstrom

Saved on

compared with

New Version 25

changes.mady.by.user Bryan Call

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Add forward secrecy support

...

Added support for elliptic curve ciphers (http://en.wikipedia.org/wiki/Elliptic_curve_cryptography) which generates a new key per session for enhanced security.  To use the elliptic curve ciphers you will need to modify the cipher list with the appropriate ciphers.  For example:

Code Block
CONFIG proxy.config.ssl.server.cipher_suite STRING ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES256-SHA:DES-CBC3-SHA!SRP:!DSS:!PSK:!aNULL:!eNULL:!SSLv2

Jira: TS-2372

Release memory for idle SSL sessions

...