Removal of RC4 from HTTPS Cipher Suite

In line with current best practice we will shortly be removing the RC4 stream cipher from our Apache HTTPS sites. Indeed we’ve already removed it from without any apparent issues.

For more details see:

Modern browsers will connect via one of the various other SSL ciphers that we support. However, please do let support know if your web client has problems connecting to web sites after 26th of March.

The sort of browsers that might have problems, are old style candy-bar mobile phone browsers, eg on an 8 year old Nokia 6120 or if you are using Internet Explorer 6 on Windows XP. Slightly less old browsers can potentially use RC4, but will use a securer alternative in its absence.


About neilb

Computing staff at the University of Edinburgh. Part of the Services Unit.
This entry was posted in News, Service Update. Bookmark the permalink.

Leave a Reply