search for: tls_dhe_rsa_with_3des_ede_cbc_sha

...ition to disabling it in $ssl_protocols. This is different from Apache, which has similar parameters, but where disabling the protocol takes precedence. If I just do: ssl_protocols = !SSLv2 !SSLv3 I still get some ciphers that show up as "weak", e.g., | SSLv3: | ciphers: | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_DHE_RSA_WITH_AES_128_CBC_SHA - strong | TLS_DHE_RSA_WITH_AES_256_CBC_SHA - strong | TLS_DHE_RSA_WITH_DES_CBC_SHA - weak [....] | TLS_RSA_WITH_DES_CBC_SHA - weak Is there a way to exclude these ciphers, while still keeping my config easy to parse and avoiding...

Hi List ;-) I consider my question to be rather simple one ... nevertheless I could not find an answer to it up to now. I have an OpenLDAP-server which is the user-db for an samba3-server. I want to use TLS for secure communication, so I created a ca for this as well as keys/certificates for my LDAP and samba-server. Informing the LDAP-server about its certificate/key is easy ... but how do I