[SOLVED]WebUI - Enable PFS on admin GUI and other questions TLS Cipher Suite



  • Hi,

    First : I'm Sorry for my poor English.
    Second : Happy New year ;).

    And my question is:
    How can enable the PFS on the Web Admin GUI.

    If I check the support cipher suite I can observe this :

    Supported Server Cipher(s):
        Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
        Accepted  TLSv1  256 bits  AES256-SHA
        Accepted  TLSv1  256 bits  CAMELLIA256-SHA
        Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
        Accepted  TLSv1  168 bits  DES-CBC3-SHA
        Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
        Accepted  TLSv1  128 bits  AES128-SHA
        Accepted  TLSv1  128 bits  CAMELLIA128-SHA
        Accepted  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
        Accepted  TLSv1  128 bits  RC4-SHA

    Prefered Server Cipher(s):
        TLSv1  128 bits  RC4-SHA

    It's possible to change the cipher suite order ?

    I think both default settings is a weak configuration
    I use the 2.1.5 version.

    If you cann't understand my word, I can try to write a better English with help of G-Translate (I'm not sure about that :) ).

    Best regard.



  • Ok, I'm sorry about this stupid question.
    I find  the line in :

    /etc/inc/system.inc: $lighty_config

    I have a better result now :

    Supported Server Cipher(s):
        Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
        Accepted  TLSv1  256 bits  AES256-SHA
        Accepted  TLSv1  256 bits  CAMELLIA256-SHA
        Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
        Accepted  TLSv1  168 bits  DES-CBC3-SHA
        Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
        Accepted  TLSv1  128 bits  AES128-SHA
        Accepted  TLSv1  128 bits  CAMELLIA128-SHA

    Prefered Server Cipher(s):
        TLSv1  256 bits  ECDHE-RSA-AES256-SHA

    Thanks to reader !
    Best regards.


Log in to reply