Use modern cryptographic practices when setting up SSL and TLS services on your server

To make sure that your iOS and OS X clients can connect to your server, use Diffie-Hellman keys with a group size of 2048 bits or greater.

Este artículo se ha archivado y Apple ya no lo actualiza.

To ensure security and privacy for your users, and interoperability with Apple products, server administrators should use a group size of 2048 bits or greater when using Diffie-Hellman key exchange.

Services that might use these types of connections include:

Enterprise Wi-Fi (802.1X)
Secure email connections
Secure web connections (HTTPS)
Secure Internet printing (IPP over TLS/SSL)

iOS 8.4 and OS X v10.10.4 provide increased security against the "Logjam" vulnerability. After updating an iPhone, iPad, iPod touch, or Mac, these devices no longer connect to servers or webpages that are set up using weaker Diffie-Hellman encryption.

If your users can't establish a secure connection after updating, check the configuration of your server. Refer to these links for more information:

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Fecha de publicación: 25 de agosto de 2016

Use modern cryptographic practices when setting up SSL and TLS services on your server

Inicia una conversación en las Comunidades de soporte de Apple