Apache Reference: mod_ssl, SSLCipherSuite


SSL Cipher Suite for Negotiation in SSL Handshake Phase
Syntax: SSLCipherSuite A
Example: SSLCipherSuite ALL:!RSA
Since: Apache 1.3

This complex directive uses a colon-separated cipher-spec string consisting of OpenSSL cipher specifications to configure the cipher suite that the client negotiates in the SSL handshake phase. It can be used in either per-server or per-directory context. In per-server context, it applies to the standard SSL handshake when a connection is established.

In per-directory context, it forces an SSL renegotiation with the reconfigured cipher suite after the HTTP request is read but before the HTTP response is sent. The complete syntax of cipher-spec appears in the mod_ssl manual. To list the available ciphers, use the ``openssl ciphers -v'' command.