1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
{
"href": "https://statics.tls.security.mozilla.org/server-side-tls-conf-5.0.json",
"configurations": {
"modern": {
"openssl_ciphers": [],
"openssl_ciphersuites": [
"TLS_AES_256_GCM_SHA384",
"TLS_AES_128_GCM_SHA256",
"TLS_CHACHA20_POLY1305_SHA256"
],
"tls_versions": ["TLSv1.3"],
"tls_curves": ["X25519", "prime256v1", "secp384r1"],
"certificate_types": ["ecdsa"],
"certificate_curves": ["prime256v1", "secp384r1"],
"certificate_signatures": ["sha256WithRSAEncryption", "ecdsa-with-SHA256", "ecdsa-with-SHA384", "ecdsa-with-SHA512"],
"rsa_key_size": 2048,
"dh_param_size": null,
"ecdh_param_size": 256,
"hsts_min_age": 63072000,
"oldest_clients": ["Firefox 63", "Android 10.0", "Chrome 70", "Edge 75", "Java 11", "OpenSSL 1.1.1", "Opera 57", "Safari 12.1"],
"ocsp_staple": true,
"server_preferred_order": false,
"maximum_certificate_lifespan": 90
},
"intermediate": {
"openssl_ciphers": [
"ECDHE-ECDSA-AES256-GCM-SHA384",
"ECDHE-RSA-AES256-GCM-SHA384",
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
"ECDHE-RSA-CHACHA20-POLY1305",
"DHE-RSA-AES256-GCM-SHA384",
"DHE-RSA-AES128-GCM-SHA256"
],
"openssl_ciphersuites": [
"TLS_AES_256_GCM_SHA384",
"TLS_AES_128_GCM_SHA256",
"TLS_CHACHA20_POLY1305_SHA256"
],
"tls_versions": ["TLSv1.2", "TLSv1.3"],
"tls_curves": ["X25519", "secp256r1", "secp384r1"],
"certificate_types": ["ecdsa", "rsa"],
"certificate_curves": null,
"certificate_signatures": ["sha256WithRSAEncryption", "ecdsa-with-SHA256", "ecdsa-with-SHA384", "ecdsa-with-SHA512"],
"rsa_key_size": 2048,
"dh_param_size": 2048,
"ecdh_param_size": 256,
"hsts_min_age": 63072000,
"oldest_clients": ["Firefox 27", "Android 4.4.2", "Chrome 31", "Edge", "IE 11 on Windows 7", "Java 8u31", "OpenSSL 1.0.1", "Safari 9"],
"ocsp_staple": true,
"server_preferred_order": true,
"maximum_certificate_lifespan": 730
},
"old": {
"openssl_ciphers": [
"ECDHE-ECDSA-AES256-GCM-SHA384",
"ECDHE-RSA-AES256-GCM-SHA384",
"ECDHE-ECDSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-ECDSA-CHACHA20-POLY1305",
"ECDHE-RSA-CHACHA20-POLY1305",
"DHE-RSA-AES256-GCM-SHA384",
"DHE-RSA-AES128-GCM-SHA256",
"DHE-RSA-CHACHA20-POLY1305",
"DHE-DSS-AES256-GCM-SHA384",
"DHE-DSS-AES128-GCM-SHA256",
"ECDHE-ECDSA-AES128-SHA256",
"ECDHE-RSA-AES128-SHA256",
"ECDHE-ECDSA-AES128-SHA",
"ECDHE-RSA-AES128-SHA",
"ECDHE-ECDSA-AES256-SHA384",
"ECDHE-RSA-AES256-SHA384",
"ECDHE-ECDSA-AES256-SHA",
"ECDHE-RSA-AES256-SHA",
"DHE-RSA-AES128-SHA256",
"DHE-RSA-AES128-SHA",
"DHE-RSA-AES256-SHA256",
"DHE-RSA-AES256-SHA",
"DHE-DSS-AES128-SHA256",
"DHE-DSS-AES256-SHA",
"AES128-GCM-SHA256",
"AES256-GCM-SHA384",
"AES128-SHA256",
"AES256-SHA256",
"AES128-SHA",
"AES256-SHA",
"ECDHE-ECDSA-ARIA128-GCM-SHA256",
"ECDHE-ECDSA-ARIA256-GCM-SHA384",
"ECDHE-ARIA128-GCM-SHA256",
"ECDHE-ARIA256-GCM-SHA384",
"DHE-RSA-ARIA128-GCM-SHA256",
"DHE-DSS-ARIA128-GCM-SHA256",
"DHE-RSA-ARIA256-GCM-SHA384",
"DHE-DSS-ARIA256-GCM-SHA384",
"ECDHE-ECDSA-CAMELLIA128-SHA256",
"ECDHE-RSA-CAMELLIA128-SHA256",
"ECDHE-ECDSA-CAMELLIA256-SHA384",
"ECDHE-RSA-CAMELLIA256-SHA384",
"DHE-RSA-CAMELLIA128-SHA256",
"DHE-RSA-CAMELLIA256-SHA256",
"DHE-RSA-CAMELLIA128-SHA",
"DHE-RSA-CAMELLIA256-SHA",
"DHE-DSS-CAMELLIA128-SHA256",
"DHE-DSS-CAMELLIA256-SHA256",
"DHE-DSS-CAMELLIA128-SHA",
"DHE-DSS-CAMELLIA256-SHA",
"ARIA128-GCM-SHA256",
"ARIA256-GCM-SHA384",
"CAMELLIA128-SHA256",
"CAMELLIA256-SHA256",
"CAMELLIA128-SHA",
"CAMELLIA256-SHA",
"ECDHE-ECDSA-DES-CBC3-SHA",
"ECDHE-RSA-DES-CBC3-SHA",
"EDH-RSA-DES-CBC3-SHA",
"DES-CBC3-SHA",
"DHE-RSA-SEED-SHA",
"DHE-DSS-SEED-SHA",
"SEED-SHA"
],
"openssl_ciphersuites": [
"TLS_AES_256_GCM_SHA384",
"TLS_AES_128_GCM_SHA256",
"TLS_CHACHA20_POLY1305_SHA256"
],
"tls_versions": ["TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"],
"tls_curves": ["X25519", "secp256r1", "secp384r1"],
"certificate_types": ["rsa"],
"certificate_curves": null,
"certificate_signatures": ["sha256WithRSAEncryption", "ecdsa-with-SHA256", "ecdsa-with-SHA384", "ecdsa-with-SHA512"],
"rsa_key_size": 2048,
"dh_param_size": 1024,
"ecdh_param_size": 256,
"hsts_min_age": 63072000,
"oldest_clients": ["Firefox 1", "Android 2.3", "Chrome 1", "Edge 12", "IE8 on Windows XP", "Java 6", "Opera 5", "OpenSSL 0.9.8", "Safari 1"],
"ocsp_staple": true,
"server_preferred_order": true,
"maximum_certificate_lifespan": 730
}
},
"version": 5.0
}
|
