[squid-users] The server does not support Forward Secrecy with the reference browsers...
Mike
mcsnv96 at afo.net
Tue Feb 16 19:50:51 UTC 2016
I've found that relates to httpd and not the proxy itself. This is an
easy fix though.
Modify /etc/httpd/conf.d/ssl.conf
*
SSLProtocol all -SSLv2 (most modern linux OS already has this by
default but add it if it is not found)
*
SSLCipherSuite
ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:AES128-SHA:RC4-SHA:HIGH:!aNULL:!MD5:!ADH
*
SSLHonorCipherOrder on (no longer needed on newer Apache but some
older servers may)
Write file and exit vi (or just :x ), and then restart Apache
*
service httpd restart
Should take care of it.
Mike
On 2/16/2016 13:32 PM, Sebastien.Boulianne at cpu.ca wrote:
>
> Hi all,
>
> http://imgur.com/PI1PRlB
>
> Can it be fixed with Squid ? If yes, how ?
>
> Thanks you very much for your answer.
>
> *Sébastien Boulianne*
> Administrateur réseau & système / Network & System Administrator
> (Windows & Linux).
>
> Gestion des infrastructures / Infrastructure Management.
>
> CCNA / CompTIA Server+ / Spécialiste en supervision.
>
> sebastien.boulianne at cpu.ca <mailto:sebastien.boulianne at cpu.ca>
>
>
> *cid:image001.jpg at 01CEC690.4B3492D0*
>
>
>
> *
> 2323, du Versant Nord, suite 100
> Québec (Québec) G1N 4P4
> Téléphone : (418) 681 6974 poste 666*
>
> *Ligne sans frais : 1 888 681 6974
> Télécopieur : (418) 681 1444***
>
> _Information confidentielle :_Le présent message, ainsi que tout
> fichier qui y est joint, est envoyé à l'intention exclusive de son ou
> de ses destinataires, il est de nature confidentielle et peut
> constituer une information privilégiée. Nous avertissons toute
> personne autre que le destinataire prévu que tout examen,
> réacheminement, impression, copie, distribution ou autre utilisation
> de ce message et de tout fichier qui y est joint est strictement
> interdit. Si vous n'êtes pas le destinataire prévu, veuillez en aviser
> immédiatement l'expéditeur par retour de courriel et supprimer ce
> message et tout document joint de votre système. Merci.
>
> _Confidentiality Warning :_This message and any attachments are
> intended only for the use of the intended recipient(s), are
> confidential, and may be privileged. If you are not the intended
> recipient, you are hereby notified that any review, retransmission,
> conversion to hard copy, copying, circulation or other use of this
> message and any attachments is strictly prohibited. If you are not the
> intended recipient, please notify the sender immediately by return
> e-mail, and delete this message and any attachments from your system.
> Thank you.
>
> *« Gérer c’est prévoir (voir avant, avoir une vision de l’avenir) »*
>
> cid:image002.jpg at 01CF5EF5.CC7DD1F0
>
>
>
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160216/c39fbebe/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 1648 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160216/c39fbebe/attachment.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 3146 bytes
Desc: not available
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20160216/c39fbebe/attachment-0001.jpe>
More information about the squid-users
mailing list