Hi, is it possible to force the server cipher order instead of the clients preferences? When I connect with openssl using these ciphers: 'RC4-SHA:DHE-RSA-AES256-GCM-SHA384' -> RC4-SHA will be selected and with 'DHE-RSA-AES256-GCM-SHA384:RC4-SHA' -> DHE-RSA-AES256-GCM-SHA384 It seems to be recommended for webservers to override that due to bad clients choices and increasing knowledge, like RC4 vs. BEAST, AES128 better (theoretical) than AES256. Regards, Matthias
Hi, Am 2014-01-10 20:51, schrieb Matthias Rieber:> Hi, > > is it possible to force the server cipher order instead of the clients > preferences? When I connect with openssl using these ciphers:sorry, dovecot 2.2 has that feature. Matthias