Disable RC4 cipher for Apache 2.2

apache-2.2 centos6 openssl

I'm currently running Apache 2.2 on a CentOS 6.7 machine. I need to disable the usage of the RC4 cipher under OpenSSL. Here is my current SSL config:

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

I've found various sites recommending changing a bunch of the ciphers permitted at once, but I'm not sure if that would possibly break other things.

Best Answer

You should follow a better approach when configuring TLS.

Follow the recommended configurations from Mozilla; a secure TLS configuration is more than disabling RC4.

https://wiki.mozilla.org/Security/Server_Side_TLS

But since you are asking to disable RC4 based on your config, here it is:

SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4:+HIGH:+MEDIUM:+LOW
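A way to check a config for the difference between the two cipher strings above, as an added example that is not part of the original question or answer: it scans Apache config text for `SSLCipherSuite` directives and reports any that lack a bare `!RC4`. The sample vhosts and the helper names `rc4_status` and `audit` are constructed for illustration, and the check is deliberately conservative, assuming an OpenSSL build where aliases such as `ALL` can still include RC4.

```python
import re

# Constructed sample config: the first vhost uses the question's cipher string,
# the second uses the answer's. Ports and layout are made up for the example.
SAMPLE_CONF = """\
<VirtualHost *:443>
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
</VirtualHost>
<VirtualHost *:8443>
    SSLEngine on
    # SSLCipherSuite RC4-SHA   (commented out, must be ignored)
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:!RC4:+HIGH:+MEDIUM:+LOW
</VirtualHost>
"""

# Apache directive names are case-insensitive; commented lines do not match.
DIRECTIVE = re.compile(r"^\s*SSLCipherSuite\s+(.+?)\s*$", re.IGNORECASE)

def rc4_status(spec):
    """Classify one OpenSSL cipher string (hypothetical helper)."""
    tokens = [t for t in re.split(r"[:,\s]+", spec.strip("\"'")) if t]
    # Only a bare "!RC4" removes every RC4 suite permanently; "-RC4" can be
    # undone by a later token and "!RC4+RSA" kills just the RSA subset.
    if any(t == "!RC4" for t in tokens):
        return "excluded"
    # A token without a !, - or + prefix adds suites to the list.
    if any("RC4" in t and t[0] not in "!-+" for t in tokens):
        return "named"
    # Nothing names RC4, but aliases such as ALL or MEDIUM may still add it.
    return "not-excluded"

def audit(conf_text):
    """Return (line_number, status) for every directive lacking "!RC4"."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), start=1):
        m = DIRECTIVE.match(line)
        if m and (status := rc4_status(m.group(1))) != "excluded":
            findings.append((lineno, status))
    return findings

if __name__ == "__main__":
    for lineno, status in audit(SAMPLE_CONF):
        print(f"line {lineno}: RC4 {status}")
```

To see what a string actually expands to on the server itself, run `openssl ciphers -v '<cipher string>'` on that host and look for RC4 entries in the output.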