tls: more secure defaults

This updates the default cipher suite to an more secure list, which prefers strong ciphers with Forward Secrecy. Additionally, it enables `honorCipherOrder` by default. Noteable effect of this change is that the insecure RC4 ciphers are disabled and that Chrome negotiates a more secure ECDHE cipher. Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Fedor Indutny <fedor@indutny.com> PR-URL: https://github.com/iojs/io.js/pull/826
author: Roman Reiss <me@silverwind.io> 2015-02-15 18:43:36 +0100
committer: Fedor Indutny <fedor@indutny.com> 2015-02-16 12:33:12 +0100
commit: 77f35861d0217273b9e478f5d35bd7d8e471e14f (patch)
tree: f027b88a1ef22323dd66986f7e89546d2cd8c4f2 /test
parent: 20f8e7f17a931e3852f7c58a25db55bd78943697 (diff)
download: node-new-77f35861d0217273b9e478f5d35bd7d8e471e14f.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/test/parallel/test-tls-dhe.js b/test/parallel/test-tls-dhe.js
index 8c2892040f..af0db51b67 100644
--- a/test/parallel/test-tls-dhe.js
+++ b/test/parallel/test-tls-dhe.js
@@ -26,6 +26,7 @@ function test(keylen, expectedCipher, cb) {
   var options = {
     key: key,
     cert: cert,
+    ciphers: ciphers,
     dhparam: loadDHParam(keylen)
   };
author	Roman Reiss <me@silverwind.io>	2015-02-15 18:43:36 +0100
committer	Fedor Indutny <fedor@indutny.com>	2015-02-16 12:33:12 +0100
commit	77f35861d0217273b9e478f5d35bd7d8e471e14f (patch)
tree	f027b88a1ef22323dd66986f7e89546d2cd8c4f2 /test
parent	20f8e7f17a931e3852f7c58a25db55bd78943697 (diff)
download	node-new-77f35861d0217273b9e478f5d35bd7d8e471e14f.tar.gz