To ensure strong encryption, we strongly recommend the following configuration for the Apache server’s SSL cipher suite settings:
Use only High and Medium security cipher suites, such as RC4 and RSA.
Remove from consideration any ciphers that do not authenticate, such as Anonymous Diffie-Hellman (ADH) ciphers.
Disable the Low, Export, and Null cipher suites unless you need them for other applications.
Do not disable the Low and Export cipher suites if they are required by your customer base. Individuals using older browsers (4-5 years old) and older versions of Windows, such as Windows 98 might still need those cipher suites for other services.
For information, see Configuring the SSL Cipher Suites for the Apache Server
in the Novell iFolder 3.9.2 Administration Guide.
For information about configuring strong SSL/TLS security solutions, see SSL/TLS Strong Encryption: How-To on the Apache.org Web site.