lib · 7a7c6b469b89ac651006b4e0007664fc9dc12dd3 · Forest Godfrey / gitlab-ce

Merge branch 'update_ssl_ciphers' into 'master' · 9522a710

authored Jun 15, 2015

Update ssl ciphers

Removing all DHE suites from Nginx template SSL ciphers.

This will deny forward secrecy for Android 2.3.7, Java 6 and OpenSSL 0.9.8. but will give A+ rating on SSL labs.

Google sites also do not have DHE suites, [source](https://community.qualys.com/blogs/securitylabs/2013/06/25/ssl-labs-deploying-forward-secrecy)

> Google's sites, for example, tend to not have any DHE suites in their configuration. [2013]

See merge request !814

9522a710

Name	Last commit	Last update
..
api		Loading commit data...
assets		Loading commit data...
backup		Loading commit data...
gitlab		Loading commit data...
omni_auth		Loading commit data...
redcarpet/render		Loading commit data...
support		Loading commit data...
tasks		Loading commit data...
disable_email_interceptor.rb		Loading commit data...
email_validator.rb		Loading commit data...
event_filter.rb		Loading commit data...
extracts_path.rb		Loading commit data...
file_size_validator.rb		Loading commit data...
gitlab.rb		Loading commit data...
gt_one_coercion.rb		Loading commit data...
repository_cache.rb		Loading commit data...
static_model.rb		Loading commit data...
unfold_form.rb		Loading commit data...
version_check.rb		Loading commit data...