Hi, I am looking to achieve an A+ rating on ssllabs.com, the two areas lacking are key exchange and cypher strength.
Believe I would need:
- Key or DH parameter strength >= 4096 bits
- Cypher strength >= 256 bits
Think I currently have:
- RSA 2048 bits
And am allowing:
- TLS_AES_128_GCM_SHA256 (0x1301)
(please correct me, if misunderstanding the issue.)
Is it possible to influence this per account, for using the automated Let's Encrypt, set up with python anywhere, either through user settings or support email. Or should be I be using a custom certificate set up?
Appreciate the assistance.