How to Set SSL Ciphers and update OpenSSL for PCI Compliant (Apache)

SSL Cipher Settings (PCI Compliant) If you going to use SSL for your site, make sure that you disable low level ciphers. To do this, simply edit: #/etc/httpd/conf.d/ssl.conf SSLProtocol -ALL +SSLv3 +TLSv1 SSLHonorCipherOrder On SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RCA4+RSA:+HIGH:!LOW:!MEDIUM #Save the file and restart the apache service httpd restart #check to see if the settings are working openssl […]