# Enable Forward Secrecy in Apache 2.2 & courier-imap? SOLVED

## Duncan Mac Leod

Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap?Last edited by Duncan Mac Leod on Sat Jun 21, 2014 6:42 pm; edited 1 time in total

----------

## gerdesj

 *Duncan Mac Leod wrote:*   

> Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap?

 

I'm 95% sure you need Apache 2.4 to enable PFS.

----------

## Duncan Mac Leod

 *gerdesj wrote:*   

>  *Duncan Mac Leod wrote:*   Any advice on how to enable perfect forward secrecy in Apache 2.2 & courier-imap? 
> 
> I'm 95% sure you need Apache 2.4 to enable PFS.

 

NO, NOT NEEDED...

I figured out how to make Apache SECURE the right way  :Cool:  with Forward Secrecy AND HTTP Strict Transport Security

```

SSLProtocol all -SSLv2 -SSLv3

SSLCompression Off

SSLHonorCipherOrder On

SSLCipherSuite "EECDH+AESGCM EDH+AESGCM EECDH -RC4 EDH -CAMELLIA -SEED !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"

Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

```

Just testing Forward Secrecy on Courier-IMAP  :Wink:  ...

----------

