How can I configure SSL to use 128-bit encryption or better using mod_ssl on the Apache web server?
This facility is called Server Gated Cryptography (SGC); you can find the details in the README.GlobalID document in the mod_ssl distribution. In short: the server has a Global ID server certificate, signed by a special CA certificate from Verisign, which enables strong encryption in export browsers. It works as follows: the browser connects with an export cipher, the server sends its Global ID certificate, the browser verifies it and then upgrades the cipher suite before any HTTP communication takes place. The question now is: how can we allow this upgrade, but still enforce strong encryption? In other words: browsers must either connect with strong encryption initially or upgrade to strong encryption, but are not allowed to keep the export ciphers.
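
One way to express this policy in mod_ssl configuration, as an added example that is not part of the original page: the handshake still offers export ciphers so the SGC upgrade can happen, and a per-directory check then rejects any connection whose effective key size is below 128 bits. The directory path and the cipher string are assumptions.

```apache
# Added example; the directory path and cipher string are assumptions.

# Handshake level: keep export ciphers available so that an export
# browser can connect and then step up via SGC. Anonymous DH is excluded.
SSLCipherSuite ALL:!ADH:+HIGH:+MEDIUM:+EXP

<Directory "/usr/local/apache/htdocs">
    # Request level: evaluated after the handshake (and any SGC upgrade)
    # has finished. SSL_CIPHER_USEKEYSIZE is the number of key bits
    # actually in use, so an export cipher such as EXP-RC4-MD5 reports
    # 40 here while SSL_CIPHER_ALGKEYSIZE reports 128.
    SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
</Directory>
```

A browser that connected with an export cipher and did not upgrade completes the handshake but receives 403 Forbidden for every request under that directory.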