From ba2da3ed822e2e835696314934161828fd698398 Mon Sep 17 00:00:00 2001
From: Till Maas <opensource@till.name>
Date: Sun, 21 Sep 2014 13:57:52 +0200
Subject: [PATCH] copr-fe: Use secure TLSv1.1 and TLSv1.2 ciphers

---
 files/copr/fe/httpd/coprs.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/files/copr/fe/httpd/coprs.conf b/files/copr/fe/httpd/coprs.conf
index ff3269c32c..242d2444dc 100644
--- a/files/copr/fe/httpd/coprs.conf
+++ b/files/copr/fe/httpd/coprs.conf
@@ -22,8 +22,8 @@ WSGISocketPrefix /var/run/wsgi
 <VirtualHost *:443>
     SSLEngine on
     SSLProtocol all -SSLv2
-    #optimeize on speed
-    SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
+    # Use secure TLSv1.1 and TLSv1.2 ciphers
+    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
     SSLHonorCipherOrder on
     Header add Strict-Transport-Security "max-age=15768000"