SSLCipherSuite settings in Apache for supporting TLS 1.0, 1.1 and 1.2

The following configuration is (or used to be) the best configuration according to SSLLabs:

SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1
SSLCompression off
SSLHonorCipherOrder on
SSLCipherSuite "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA"

It will, however, exclude all older browsers (including Opera Mini!), because it lacks non-PFS and RC4 cipher suites. You can append the following (before the closing quote, of course) to enable RC4, including a fallback (last entry) to RC4 without PFS:

:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:RC4-SHA

You should encourage users to upgrade ASAP. RC4 is broken and should no longer be used, especially without PFS.

To achieve better grades, also send a HSTS header (for this to work, you need to enable mod_header):

Header always set Strict-Transport-Security "max-age=63072000;"

This configuration will not work for Apache <2.2.26, because it does not support Elliptic-curve cryptography.

Update:
Just checked, it’s still good for A+. :) I believe this requires a certificate with SHA256, though.

Update Oct 2015:
I recently found another generator for SSL configurations, provided by Mozilla. It orders ciphers so that Chrome doesn’t say you’re using a deprecated cipher suite.


 SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-SSLv3:-EXP:!kEDH
                                                           ^^^^^^^^

Disabling SSLv3 cipher suites disables all cipher suites introduced with SSL3.0. Since these ciphers suites are also used with later SSL versions (TLS1.0+) and new cipher suites were mostly introduced with TLS1.2 this setting makes TLS1.0 and TLS1.1 unavailable because of no shared ciphers. Thus the protocol is effectively restricted to TLS1.2.

If you would call openssl ciphers -V <cipher> with your cipher string you would see, that all available ciphers require TLS1.2.

For example: openssl ciphers -V TLSv1.2.


I found this recommendation on Cipherli.st:

SSLCipherSuite AES128+EECDH:AES128+EDH
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
# Requires Apache >= 2.4
SSLCompression off 
SSLUseStapling on 
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"