12/10/2023 0 Comments Plesk tls versions![]() Certificate type: ECDSA (P-256) (recommended), or RSA (2048 bits).This is the recommended configuration for the vast majority of services, as it is highly secure and compatible with nearly every client released in the last five (or more) years. We recommend ECDSA certificates using P-256, as P-384 provides negligible improvements to security and Ed25519 is not yet widely supportedįor services that don't need compatibility with legacy clients such as Windows XP or old versions of OpenSSL.The cipher suites are all strong and so we allow the client to choose, as they will know best if they have support for hardware-accelerated AES.All cipher suites are forward secret and authenticated.The use of the Old configuration with modern versions of OpenSSL may require custom builds with support for deprecated ciphers.įor services with clients that support TLS 1.3 and don't need backward compatibility, the Modern configuration provides an extremely high level of security. OpenSSL will ignore cipher suites it doesn't understand, so always use the full set of cipher suites below, in their recommended order. The ordering of cipher suites in the Old configuration is very important, as it determines the priority with which algorithms are selected. Old : Services accessed by very old clients or libraries, such as Internet Explorer 8 (Windows XP), Java 6, or OpenSSL 0.9.8. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |