As various ssl implementations have different ideas about
which dh key lengths are acceptable, refrain from standard
dh altogether (and not only from anonymous dh) to avoid
handshake problems.
Signed-off-by: Klaus Aehlig <aehlig@google.com>
Reviewed-by: Helga Velroyen <helgav@google.com>
-- after it's been removed. Use the "openssl" utility to check the
-- allowed ciphers, e.g. "openssl ciphers -v HIGH:-DES".
opensslCiphers :: String
-opensslCiphers = "HIGH:-DES:-3DES:-EXPORT:-ADH"
+opensslCiphers = "HIGH:-DES:-3DES:-EXPORT:-DH"
-- * X509