View Single Post
Old 01-07-2008, 06:34 AM  
Junior Member
Join Date: May 2007
Posts: 16

Ok, but reading around the web about SSL handshake and protocol negotiation, the server offers a list of encryption suites available on his side and the client chose the best one for him in the list (meaning the supprted ones on his side).
But what i could read around for instance, the Apache http server is able to offer in its config files the possibility of chosing allowed encryption suites thus forcing the client to chose between a restricted selection of encryption suites.

here's the example
BigBoxer is offline   Reply With Quote