Port Fetch Failing

Matthew D. Fuller fullermd at over-yonder.net
Tue Jun 2 00:10:02 UTC 2015

On Mon, Jun 01, 2015 at 07:02:57PM -0500 I heard the voice of
Tim Daneliuk, and lo! it spake thus:
> This is what happens when you are:  A) In a hurry and B) Paranoid and
> C) Willing to copypasta a config without thought :(
> Thanks to you and Chuck, I have a more reasonable (I think):

That still looks awful weird.  Paranoid, and enabling +LOW?  If you're
having to explicitly list ciphers, you're probably on the wrong

And I suspect the "-SSLv3:-SSLv2" isn't really what you want.  You
probably want to disable the _protocols_, not the _ciphers_.  e.g., on
a 10.x machine, I have

SSLProtocol All -SSLv2 -SSLv3

(I figure every extra character on the CipherSuite line means either
I'm way smarter, or way dumber.  And there's only so much smarter I
can get, so...)

Matthew Fuller     (MF4839)   |  fullermd at over-yonder.net
Systems/Network Administrator |  http://www.over-yonder.net/~fullermd/
           On the Internet, nobody can hear you scream.

More information about the freebsd-ports mailing list