Settings to allow the 256bit encryption only:
browser.cache.disk_cache_ssl, false
security.ssl3.dhe_rsa_aes_128_sha, false
security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256, false
security.ssl3.ecdhe_ecdsa_aes_128_sha, false
security.ssl3.ecdhe_rsa_aes_128_gcm_sha256, false
security.ssl3.ecdhe_rsa_aes_128_sha, false
security.ssl3.rsa_aes_128_sha, false
security.ssl3.rsa_des_ede3_sha, false
security.ssl3.rsa_camellia_256_sha, true
security.ssl3.dhe_rsa_camellia_256_sha, true
These settings should be enough.
Everything marked as "good" at
https://www.howsmyssl.com/
- Version,
- Ephemeral Key Support,
- Session Ticket Support,
- TLS Compression,
- BEAST Vulnerability,
- Insecure Cipher Suites,
- Given Cipher Suites:
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
Edited 5 time(s). Last edit at 10/17/2017 12:11AM by J.G..