Skip to content
This repository has been archived by the owner on May 8, 2022. It is now read-only.

Sujet présenté lors du sfPot parisien du 17 septembre 2013 à la Pépinière 27

Notifications You must be signed in to change notification settings

thierrymarianne/speaking-about-cache-over-tls-sfpot

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Cache + SSL / TLS

Description

Topic discussed the 17th of september 2013 at La Pépinière 27 in Paris

Slideshow - PDF - French version

Meetup Event

Best practices (SSLLabs)

Testing SSL configuration (SSLLabs)
e.g. https://www.ssllabs.com/ssltest/analyze.html?d=start.weaving-the-web.org

AFSY (Association francophone des utilisateurs de Symfony)

Generate your Diffie-Hellman key using following openssl command (it may take a while)

openssl dhparam -out /etc/ssl/private/dh4096.pem -5 4096

Changelog

The following changes were applied right after Benjamin Sonntag talked about SSL/TLS at La Cantine in Paris on the 20th of Septembre 2013 :

  • Reduction of the cipher suites list offered by the SSL proxy (nginx)
  • SSL v3.0 has been removed from the list of protocols offered by the SSL proxy
  • A Diffie-Hellman key directive has been added to the SSL proxy configuration (Perfect Forward Secrecy)
  • A HTTP Strict Transport Security directive has been added to the SSL proxy configuration (nginx)

About

Sujet présenté lors du sfPot parisien du 17 septembre 2013 à la Pépinière 27

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published