I wonder why the Germany’s BSI, the Federal Office for Information Security requires The brainpool P256r1 curve. Also the must-have ECDHE-ECDSA-AES128-SHA256 aka TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 required by the BSI is a weak cipher. ALso They don’t allow Chacha 2.0 aka POLY 1305 ciphers
Here it comes.
SSLEngine On SSLUseStapling On SSLSessionCache shmcb:/opt/apache2/logs/ssl_gcache_data(512000) SSLStaplingCache shmcb:/opt/apache2/logs/ssl_stapling_data(512000) SSLOptions +StrictRequire +StdEnvVars -ExportCertData SSLProtocol -all +TLSv1.2 +TLSv1.3 SSLCompression Off SSLHonorCipherOrder On # The must have ECDHE-ECDSA-AES128-SHA256 aka TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 required by the BSI is a weak cipher SSLCipherSuite ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256 SSLCipherSuite TLSv1.3 TLS_AES_256_GCM_SHA384 SSLCertificateFile /etc/letsencrypt/live/tr-03116-4.example.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/tr-03116-4.example.com/privkey.pem SSLOpenSSLConfCmd ECDHParameters secp521r1 SSLOpenSSLConfCmd Curves X25519:secp521r1:secp384r1:brainpoolP256r1 SSLOpenSSLConfCmd SignatureAlgorithms "ECDSA+SHA512:ECDSA+SHA384:ECDSA+SHA256:RSA+SHA512:RSA+SHA384:RSA+SHA256:rsa_pss_rsae_sha512:rsa_pss_rsae_sha384:rsa_pss_rsae_sha256"
In order to test compliance, tls-check.de may be used. In the test results, look at “TLS Parameters and Algorithms (TLS 1.2)” in the “Supported Signature Algorithms” sections.
Really nice –> THX!