SSL Cipher Lists

muddyboots

New member
Joined
Apr 20, 2020
Messages
4
New Centos 7 server, transferred all over from old centos6 cpanel server

Everything working fine, just getting my head around DA compared to 20 years of cPanel

How do I add/edit the SSL ciphers Apache and Mail?

Looking at the help I have to run some commands to make special custom files and then edit these for my own needs

However the posts are 2018 so are these still correct ?

Help here



It doesn't look like an option in the GUI in custom build


Thanks in advance
 
Don't know what you mean by 2018, but custom files are not overwritten.
/etc/exim.variables.conf.custom
 
Ah ok, I see what you mean. The thread I was referring too is only 2 month old.
Both help items make use of custom files or directories, therefore will survive an update or rebuild.
But it can happen that custom files mess things up when default configuration is changed because of an update. This happens not often though.

Perhaps wait for another solution from a more experienced member.
 
So if you are looking for Custom Ciphers AKA not the ones delivered by the options.conf file.

ssl_configuration: modern, intermediate, old. Current value: intermediate. Default value: intermediate.
Talked about here #1

If you need to know what old vs Intermediate VS Modern means you need to look at the links
All based on this https://ssl-config.mozilla.org/
and here https://help.directadmin.com/item.php?id=571

Since you are on CentOS 7 with old OpenSSL the highest you can go on the DA provided settings is Intermediate

If neither of the 3 settings would work for you. Actually 2 in your case

Then yes you would have to create your own. I can also tell you I have used https://help.directadmin.com/item.php?id=2072 it works fine.

No GUI options like Cpanel.

Welcome to the forum as well..
 
So if you are looking for Custom Ciphers AKA not the ones delivered by the options.conf file.

ssl_configuration: modern, intermediate, old. Current value: intermediate. Default value: intermediate.
Talked about here #1

If you need to know what old vs Intermediate VS Modern means you need to look at the links
All based on this https://ssl-config.mozilla.org/
and here https://help.directadmin.com/item.php?id=571

Since you are on CentOS 7 with old OpenSSL the highest you can go on the DA provided settings is Intermediate

If neither of the 3 settings would work for you. Actually 2 in your case

Then yes you would have to create your own. I can also tell you I have used https://help.directadmin.com/item.php?id=2072 it works fine.

No GUI options like Cpanel.

Welcome to the forum as well..

Thanks, that answers my questions. Im running OpenSSL 1.1.1 so not on the older CentOS 7 1.0.2 version.
 
Back
Top