I'm trying to configure my webserver for perfect forward secrecy.
I'm using
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+ECDSA+AESCBC:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+AESCBC:EECDH+aRSA+RC4:EDH+aRSA:EECDH:RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;
the problem is that, at least on mac os 10.9, all major browsers (chrome, firefox, safari, all up to date) will use RC4 as the cipher (TLS_ECDHE_RSA_WITH_RC4_128_SHA)
Disabling RC4 on the server will result in an ssl error on the client.
what I'm doing wrong, and is it reasonable to have pfs with a not-to-secure cypher?
edit: now I'm using
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA;
It works with chrome and safari, but firefox 25 fails to establish a connection