Following on from my previous post, there are some further updates you can make to your Apache configuration to improve the ciphers used between server and client.
It’s best practice to configure Apache to use a suitable TLS configuration. Ubuntu uses “available” and “enabled” directories to switch functionality on and off for this and other settings, located under “/etc/apache2”.
In this brief blog post, I wanted to run through the steps needed to configure Apache to use SSL and TLS. I will also discuss the importance of configuring the Apache cryptosystem correctly by disabling less preferable protocol versions (SSL 2.0, SSL 3.0, and TLS 1.0) due to a variety of security concerns.
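
As an added example (not code from the original post), the Python script below audits configuration text for `SSLProtocol` directives that still enable the protocol versions named above. The expansion of `all`, the handling of a bare protocol name, and the sample configuration are assumptions made for this example.

```python
import re

# Protocol versions the post names as ones to disable.
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1"}
# Assumption: what "all" expands to in this example.
ALL = {"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"}
# SSLv2 is a known token only so that an explicit "+SSLv2" is flagged.
KNOWN = {name.lower(): name for name in ALL | {"SSLv2"}}
DIRECTIVE = re.compile(r"^\s*SSLProtocol\s+(.+?)\s*$", re.IGNORECASE)

def enabled_protocols(tokens):
    """Apply SSLProtocol tokens left to right and return the enabled set."""
    enabled = set()
    for token in tokens:
        sign = token[0] if token[0] in "+-" else ""
        name = token.lstrip("+-").lower()
        if name != "all" and name not in KNOWN:
            raise ValueError(f"unknown protocol token: {token}")
        chosen = set(ALL) if name == "all" else {KNOWN[name]}
        if sign == "-":
            enabled -= chosen
        elif sign == "+":
            enabled |= chosen
        else:
            enabled = chosen  # assumption: a bare name replaces earlier tokens
    return enabled

def audit(config_text):
    """Return (line number, deprecated protocols still enabled) per directive."""
    findings = []
    for number, line in enumerate(config_text.splitlines(), start=1):
        match = DIRECTIVE.match(line)  # commented-out directives do not match
        if match:
            weak = enabled_protocols(match.group(1).split()) & DEPRECATED
            if weak:
                findings.append((number, sorted(weak)))
    return findings

# Constructed sample configuration, not taken from the post.
SAMPLE = """\
# SSLProtocol all
SSLProtocol all -SSLv2
    SSLProtocol all -SSLv3 -TLSv1
SSLProtocol -all +TLSv1.2 +TLSv1.3
"""

if __name__ == "__main__":
    for number, weak in audit(SAMPLE):
        print(f"line {number}: still enables {', '.join(weak)}")
```
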