You are using an older browser, which will result in a bad experience. Upgrade your browser

A-grade SSL Listeners

Advanced Configuration of Axigen

Documentation
Advanced Configuration of Axigen
A-grade SSL Listeners

Introduction

The team at Qualys (https://www.qualys.com/) have developed a very complex SSL Tester (https://www.ssllabs.com/) that enable administrators to asses and properly configure their SSL listeners.

On the other hand, the team at Mozilla published a detailed article (https://wiki.mozilla.org/Security/Server_Side_TLS) on SSL cipher suits and their compatibility with the plethora of Web browsers available on the Internet.

Mandatory requirement: run the latest version of the Axigen server.

Axigen Recommended SSL Cipher Suite List

Recommended SSL Cipher Suite to be configured in SSL Listeners tab:

SSL Listeners Recommended Configurations

Allowed SSL Versions:

TLS1.2, and TLS1.3

Use Cipher suite:

!AECDH:!ADH:!aNULL:!eNULL:!RC4:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:HIGH:!MD5:!EDH:!EXPORT

Prefer server's cipher suite order:

Checked

Use Ephemeral Key:

Checked

SSLLabs Result


Axigen is a powerful, award-winning Windows & Linux mail server. A free mail server version is also available, along with the business mail server and the MSP mail server, for Managed Service Providers, which also include features like personal organizer, AntiVirus, AntiSpam, or advanced security policies. The carrier-class ISP mail server solutions completes the Axigen product range, with clustering support & delegated administration.

Axigen uses cookies. By using our services, you’re agreeing to our Cookie Policy. GOT IT