Welcome to Centmin Mod Community
Register Now

Beta Branch reorder chacha20 ssl_ciphers in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Oct 1, 2018.

  1. eva2000

    eva2000 Administrator Staff Member

    46,244
    10,512
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,295
    Local Time:
    3:01 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    reorder chacha20 ssl_ciphers in 123.09beta01

    Reorder chacha20 ssl ciphers in ssl_ciphers list to work with bassie's OpenSSL 1.1.1 Prioritize ChaCha20 patch OpenSSL - [NEW PATCH]Prioritize ChaCha feature - OpenSSL 1.1.1 New Nginx vhosts created will have this update automatically applied. While existing Centmin Mod Nginx HTTPS based domain.com.ssl.conf ssl_ciphers listing will need to be manually changed to below

    Code (Text):
    ssl_ciphers TLS13-AES-128-GCM-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;
    


    Continue reading...

    123.09beta01 branch