Overview
You want to know which SSL Ciphers the httpd-lm webserver can support or you need to know the Supported Config SSL_CIPHERS string to finish installing or updating your SSL certificate for LM.
Information
Supported SSL Cipher Configurations
These are the supported Config SSL_CIPHERS to configure SSL on your httpd-lm webserver. Each of these supported Config SSL_CIPHERS strings is rated and identifies any browser restrictions.
A+ Rating - Works Only for Firefox
Config SSL_CIPHERS {TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA}
B+ Rating - Works for All Browsers - More Restrictive
Config SSL_CIPHERS {TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA}
B Rating - Works for All Browsers Except Firefox
Disables DES, 3DES, RC4, RC2, MD5, eNULL, aNULL, and TLS 1.0 and 1.1Config SSL_CIPHERS {DEFAULT:!DES:!3DES:!RC4:!RC2:!MD5:!aNULL:!eNULL:!TLSv1}
To enforce TLS 1.2 or higher, an Nginx reverse proxy must be used. See the Enforcing TLS 1.2 or 1.3 in Lyris LM Through an Nginx Reverse Proxy article for details.
B Rating - Works for All Browsers
Disables DES, 3DES, RC4, RC2, MD5, eNULL and aNULLConfig SSL_CIPHERS {DEFAULT:!DES:!3DES:!RC4:!RC2:!MD5:!aNULL:!eNULL}