Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

disable rc4 and other weak ciphers on https proxy #193

Open
gotchazipc opened this issue Feb 18, 2016 · 0 comments
Open

disable rc4 and other weak ciphers on https proxy #193

gotchazipc opened this issue Feb 18, 2016 · 0 comments
Assignees
@gotchazipc
Milestone
webida-server 1.8.0

Comments

@gotchazipc
Copy link
Contributor

pass https://www.ssllabs.com/ssltest/analyze.html?d=auth.webida.org&latest

RC4 is not safe. deprecated all weak-ciphers of proxy server

  • since proxy server uses http-master & it supports 'disableWeakCiphers'. Turn it on in proxy server code
  • remove unused, confusing http/https server props of Proxy Server class
  • cannot see logs. Enable logging via webida common logger class
@gotchazipc gotchazipc self-assigned this Feb 18, 2016
@gotchazipc gotchazipc added this to the webida server 1.8.0 milestone Feb 18, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gotchazipc gotchazipc

Labels
None yet
Projects
None yet
Milestone
webida-server 1.8.0
Development

No branches or pull requests
1 participant
@gotchazipc