var spdy = require('spdy'),
http = require('http'),
fs = require('fs'),
constants = require('constants');
var options = {
windowSize: 1024 * 1024,
ciphers: [
"ECDH+aRSA+AESGCM",
"ECDH+aRSA+AES",
"EDH+aRSA+AESGCM",
"EDH+aRSA+AES",
"DH+aRSA+AESGCM",
"DH+aRSA+AES",
"ECDHE-RSA-AES256-GCM-SHA384",
"ECDHE-RSA-AES128-GCM-SHA256",
"ECDHE-RSA-AES256-SHA384",
"ECDHE-RSA-AES128-SHA256",
"ECDHE-RSA-AES256-SHA",
"ECDHE-RSA-AES128-SHA",
"EDH-RSA-DES-CBC3-SHA",
"DHE-RSA-AES256-SHA",
"AES256-SHA256",
"AES256-SHA",
"DES-CBC3-SHA"
].join(':'),
SSLProtocol: 'all',
secureOptions: constants.SSL_OP_NO_SSLv3 | constants.SSL_OP_NO_SSLv2 | constants.SSL_OP_SINGLE_DH_USE | constants.SSL_OP_SINGLE_ECDH_USE,
honorCipherOrder: true,
ca: fs.readFileSync(__dirname+'/ca.cer'),
extend: function(a){
for(var t in this){
if ((t != 'extend') && (!a[t])) a[t] = this[t];
}
return a;
}
};
with(spdy.createServer(options.extend({
key: fs.readFileSync(__dirname+'/phoenix.key'),
cert: fs.readFileSync(__dirname+'/phoenix.cer'),
}),require('./phoenix/app.js'))){
listen(443,'<Amazon aws internal IP was here>');
};
mylogin@phoenix-amazon:~$ openssl ciphers -v "ECDH+aRSA+AESGCM:ECDH+aRSA+AES:EDH+aRSA+AESGCM:EDH+aRSA+AES:DH+aRSA+AESGCM:DH+aRSA+AES:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA:AES256-SHA256:AES256-SHA:DES-CBC3-SHA"
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA384
ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA256
ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES256-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(256) Mac=SHA256
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES128-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AES(128) Mac=SHA256
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
AES256-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA256
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1