How to fix TLS v1.2 issues? (SSL Lab)
Mig*_*gon 1 ssl mod-ssl apache2
I need to fix this problem.
Tried a lot of methods to beat this problem, but all failed.
The question is not entirely clear, but I'm assuming it boils down to guidance regarding configuration of appropriate TLS cipher suites, etc.
That is a question that is tricky to answer well as best practice continues to evolve over time, but I can point to some good resources:
Mozilla makes their own Server Side TLS configuration guidance public, accompanied with a configuration generator for many common services.
What is particularly useful here is that not only do they have very clear configuration guidance for multiple levels of legacy compatibility, they also document their rationale behind these suggested configurations.Qualys 不仅提供他们非常受欢迎的SSL Labs 服务器测试(问题似乎有截图),而且还提供 TLS 部署最佳实践文档。
我想说 Qualys 文档更广泛地考虑了整体部署考虑,而 Mozilla 文档则专门关注详细的配置考虑。两者都很有价值并且相辅相成,尽管我的印象是 Mozilla 指南更直接针对您的要求。
| 归档时间: |
|
| 查看次数: |
196 次 |
| 最近记录: |