How to disable certain Cipher Suites and activate Session resumption (caching)?


(JS) #1

How can I disable the following two Cipher Suites:

  • TLS_RSA_WITH_AES_256_CBC_SHA (0x35) WEAK 256
  • TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) WEAK 128

And how can I activate Session resumption (caching) (Protocol Details) because it is set to “No (IDs empty)”?


(Matt Holt) #2

Those two ciphers will be disabled by default in the next release. In the meantime, you can use the tls directive to customize your cipher suites.

Why do you want to activate session resumption by caching? Just let Caddy use tickets, they’re generally better.


(JS) #3

Okay, thanks.
When is the next Caddy release coming?