Hi,

is it possible to force the server cipher order instead of the clients preferences? When I connect with openssl using these ciphers:

'RC4-SHA:DHE-RSA-AES256-GCM-SHA384' -> RC4-SHA will be selected and with 'DHE-RSA-AES256-GCM-SHA384:RC4-SHA' -> DHE-RSA-AES256-GCM-SHA384

It seems to be recommended for webservers to override that due to bad clients choices and increasing knowledge, like RC4 vs. BEAST, AES128 better (theoretical) than AES256.

Regards, Matthias