SSL Protocol and Cipher Configuration Guide for SafeLine
SafeLine allows you to configure SSL protocols and encryption settings for your web applications. Below are the steps for setting up SSL certificates, adjusting SSL protocol versions, and customizing SSL cipher suites.
SSL Certificate Configuration
If your site requires HTTPS access, you can enable SSL by uploading an SSL certificate when configuring the corresponding port.
SSL Protocol Version Configuration
SafeLine supports several SSL and TLS protocol versions. You can modify the SSL version in the SSL Protocol section, choosing from the following options:
TLSv1TLSv1.1TLSv1.2TLSv1.3SSLv2SSLv3
SSL Cipher Configuration
In some cases, specific SSL encryption algorithms may need to be adjusted due to security concerns or vulnerabilities. SafeLine allows for custom SSL cipher suites. Here are some commonly used SSL cipher combinations:
- Nginx Official Example:
AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5
- Cloudflare Recommended:
[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES
Mozilla Modern (TLS 1.3):
TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256Mozilla Intermediate (TLS 1.2):
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384
- Mozilla Old Backward Compatibility (TLS 1.0–1.2):
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
- Cipherli Recommendation:
EECDH+AESGCM:EDH+AESGCM
- High-Strength Cipher Suite:
HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4:!RSA
By customizing these configurations, you can ensure a secure and optimized SSL setup tailored to your application’s requirements.
GitHub Repository: https://ly.safepoint.cloud/rZGPJRF
Official Website: https://ly.safepoint.cloud/eGtfrcF
Live Demo: https:https://ly.safepoint.cloud/DQywpL7
Top comments (0)