Option DisableSSL56bit

Learn how to use the Option DisableSSL56bit config.txt directive to specify SSL encryption algorithms that use only 56-bits to be disabled in EZproxy.

Option DisableSSL56bit specifies that SSL encryption algorithms that use only 56-bits should be disabled.  This option also disables 40-bit encryption algorithms, but unlike Option DisableSSL40bit, this option does not automatically disable SSLv2 processing.
40-bit and 56-bit algorithms remain enabled in EZproxy by default for backward compatibility, but are generally regarded as weak protocols that are best disabled using this option.

This directive must appear before any LoginPortSSL directives.

Syntax

Option DisableSSL56bit

Examples

Disable 56-bit (and also 40-bit) algorithms plus SSLv2.  Unlike Option DisableSSL40bit, the Option DisableSSLv2 must appear explicitly to disable SSLv2 processing.  Note how both of these options appear before the first LoginPortSSL directive.

Option DisableSSL56bit
Option DisableSSLv2
LoginPortSSL 443

Related directives

Option DisableSSLv2, Option DisableSSL40bit