Changed files:
lighttpd-ssl.conf -> 1.4
#
# Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:SSL
#
# Documentation: http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:SSL
+# mitigate against BEAST attacks
+# http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
+#ssl.cipher-list = "ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4-SHA:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM"
+
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/server.pem"
$SERVER["socket"] == ":443" {
ssl.engine = "enable"
ssl.pemfile = "/etc/lighttpd/server.pem"