Disable weak SSL ciphers in lighttpd

Question

The testing tool https://www.ssllabs.com/ssltest/index.html tells me that my server is offering/supporting:

SSL_RSA_WITH_DES_CBC_SHA (0x9) WEAK 56
SSL_DHE_RSA_WITH_DES_CBC_SHA (0x15) DH 1024 bits (p: 128, g: 128, Ys: 128) FS WEAK 56
RC4 Yes NOT DESIRABLE

At least these two weak ciphers. I'd like to support only strong ciphers. I've tried specifying

ssl.cipher-list = "HIGH:MEDIUM:!ADH"

But that has not helped. How do I tell lighthttpd not to use weak ciphers for SSL?

If I can also address "Forward Secrecy (Experimental) No NOT DESIRABLE" at the same time, great.

Answer 1

Finally, here is the ultimate "secret sauce":

Pass the SSL Labs Test on Lighttpd (Mitigate the CRIME and BEAST attack, Disable SSLv2 and Enable Perfect Forward Secrecy).

Please read the link for concrete configuration directives.

Answer 2

For a general approach/tutorial on how to build the right cipher suite config you might like to have a look here: http://www.skytale.net/blog/archives/22-SSL-cipher-setting.html

However, the author did not seem to pay attention to implementing DHE cipher suites; you will need these DHE ciphers in order to allow Forward Secrecy (FS) for your SSL connection.

For a 'ready-to-take cipher suite config' including DHE please have a look here. Seems that this config has also been tested to work with a few browser and OS setups: https://github.com/pfsense/pfsense/pull/683

PS: please note that the message "Forward Secrecy (Experimental) No NOT DESIRABLE" from SSLlabs seems to show up no matter if FS is working or not with your connection, so for the time being don't bother too much about that message.