@railsassets it's 2015, no reason to DH when you can ECDH ;)
@railsassets your ciphersuite configuration is breaking JRuby: https://gist.github.com/tarcieri/95f41af8751e765f5ac2 … perhaps get rid of all the DH ciphersuites
-
-
-
@railsassets specifically, 4096-bit DH (group 16???! never seen it used) is not supported by the JVM / JRuby -
@railsassets nor is anything but 1024-bit DH, which is generally considered weak / insecure. So tl;dr: get rid of DH to fix JRuby -
@bascule@railsassets Sounds good to me...we don't have a great deal of options if JVM doesn't support it.
End of conversation
New conversation -
-
-
@bascule@railsassets We have fixed the issue on our front-end server. fyi mozilla recommends keys with > 1024-bits https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations … -
@ShellyCloud@railsassets yes that's good advice, however better advice is to shut DHE off entirely since you support ECDHE ;)
End of conversation
New conversation -
-
-
@bascule We are hosting@railsassets and we will review our front-end configurationThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.