wiki

Changes

GC HTTPS Everywhere - Web Server Configurations (view source)

Revision as of 11:52, 18 November 2019

1,935 bytes added ,  11:52, 18 November 2019
no edit summary
Line 4: Line 4:  
|-
 
|-
 
! style="background: #dddddd; color: black" width="250px" scope="col" |[https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/policy-implementation-notices/implementing-https-secure-web-connections-itpin.html ITPIN 2018-01]
 
! style="background: #dddddd; color: black" width="250px" scope="col" |[https://www.canada.ca/en/government/system/digital-government/modern-emerging-technologies/policy-implementation-notices/implementing-https-secure-web-connections-itpin.html ITPIN 2018-01]
! style="background: #dddddd; color: black" width="250px" scope="col" |[[../Strategy | Implementation Strategy]]
+
! style="background: #dddddd; color: black" width="250px" scope="col" |[https://wiki.gccollab.ca/GC_HTTPS_Everywhere/Strategy Implementation Strategy]
! style="background: #dddddd; color: black" width="250px" scope="col" |[[../Implementation Guidance | Implementation Guidance]]
+
! style="background: #dddddd; color: black" width="250px" scope="col" |[https://wiki.gccollab.ca/GC_HTTPS_Everywhere/Implementation_Guidance Implementation Guidance]
! style="background: #dddddd; color: black" width="250px" scope="col" |[[../Communication Material | Communication Material]]
+
! style="background: #dddddd; color: black" width="250px" scope="col" |[https://wiki.gccollab.ca/GC_HTTPS_Everywhere/Communication_Material Communication Material]
 
|}
 
|}
 +
 +
Below are links to example web server configurations for various different platforms and versions. Majority of these were created using the [https://ssl-config.mozilla.org/ Mozilla SSL Configuration Generator]. Configurations are listed in order of age for legacy to modern.
 +
{| class="wikitable"
 +
|+Web Server Configurations
 +
!Platform
 +
!Version
 +
!OpenSSL Version
 +
!Link
 +
|-
 +
|Apache
 +
|2.2.15
 +
|1.1.0
 +
|[[:en:Apache_2.2.15_-_OpenSSL_1.1.0|Click Here!]]
 +
|-
 +
|Lighttpd
 +
|1.4.35
 +
|1.1.1
 +
|[[:en:Lighttpd_1.4.35_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|Microsoft IIS 8.5
 +
|Windows Server 2008 R2/2012/2016
 +
|N/A
 +
|[[:en:Microsoft_IIS_8.5_-_WinServer|Cert Install]] & [https://www.howtogeek.com/221080/how-to-update-your-windows-server-cipher-suite-for-better-security/ Cipher Order]
 +
|-
 +
|nginx
 +
|1.14.1
 +
|1.1.0
 +
|[[:en:Nginx_1.14.1_-_OpenSSL_1.1.0|Click Here!]]
 +
|-
 +
|AWS ELB
 +
|2014.2.19
 +
|1.1.1
 +
|[[:en:AWS_ELB_2014.2.19|Click Here!]]
 +
|-
 +
|Apache
 +
|2.4.35
 +
|1.0.2g
 +
|[[:en:Apache_2.4.35_-_OpenSSL_1.0.2g|Click Here!]]
 +
|-
 +
|MySQL
 +
|8.0.16
 +
|1.1.1
 +
|[[:en:MySQL_8.0.16_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|nginx
 +
|1.17.0
 +
|1.1.1
 +
|[[:en:Nginx_1.17.0_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|Apache
 +
|2.4.39
 +
|1.1.0k
 +
|[[:en:Apache_2.4.39_-_OpenSSL_1.1.0k|Click Here!]]
 +
|-
 +
|Caddy
 +
|0.11.5
 +
|1.1.1
 +
|[[:en:Caddy_0.11.5_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|Caddy
 +
|1.0
 +
|1.1.1
 +
|[[:en:Caddy_1.0_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|Haproxy
 +
|1.9.8
 +
|1.1.1
 +
|[[:en:Haproxy_1.9.8_-_OpenSSL_1.1.1|Click Here!]]
 +
|-
 +
|Traefik
 +
|1.7.12
 +
|1.1.1c
 +
|[[:en:Traefik_1.7.12_-_OpenSSL_1.1.1c|Click Here!]]
 +
|}
 +
 +
<br><br>
 +
Questions? Join the conversation on [https://message.gccollab.ca/channel/httpseverywhere-httpspartout GCmessage] (#HTTPSEverywhere-HTTPSpartout) or contact TBS Cyber Security at [mailto:ZZTBSCYBERS@tbs-sct.gc.ca ZZTBSCYBERS@tbs-sct.gc.ca] with any issues/concerns related to HTTPS implementation.
Tim.allardyce
263

edits

Retrieved from "https://wiki.gccollab.ca/Special:MobileDiff/12554...13857"