Update ssl ciphers (!814) · Merge requests · GitLab.org / GitLab FOSS

Marin Jankovski requested to merge update_ssl_ciphers into master Jun 15, 2015

Removing all DHE suites from Nginx template SSL ciphers.

This will deny forward secrecy for Android 2.3.7, Java 6 and OpenSSL 0.9.8. but will give A+ rating on SSL labs.

Google sites also do not have DHE suites, source

Google's sites, for example, tend to not have any DHE suites in their configuration. [2013]

Admin message