1 # lighttpd support for SSLv2 and SSLv3
3 # Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:SSL
5 # mitigate against BEAST attacks
6 # http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
7 #ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
9 $SERVER["socket"] == ":443" {
11 ssl.pemfile = "/etc/lighttpd/server.pem"
12 # ssl.ca-file = "/etc/certs/ca-certificates.crt"
14 $HTTP["useragent"] =~ "MSIE" {
15 server.max-keep-alive-requests = 0