Strong Encryption

Stronger SSL Encryption can be achieved by doing the following:

  • Upgrade your operating system
  • Upgrade Java
  • Upgrade Noodle
  • Get Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for JDK/JRE 8
  • Limit Ciphers
    • multiserver.conf
      • Connection.CM_1.Ciphers[] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
      • For less security but more compatibility add ,TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_GCM_SHA384
  • Limit Protocols
    • multiserver.conf
      • Connection.CM_1.Protocols[] = TLSv1.2
  • Add a CAA record to your DNS.

The available ciphers and protocols are listed on http://DOMAIN.TLD/Check.po?admin=now
Test at ssllabs.