...well, except for the cipher suites that require an OpenSSL >= 1.0.0, but that's an adventure for another day.
wget http://redmine.lighttpd.net/attachments/download/1395/ssl-compression.diff
wget http://ftp.us.debian.org/debian/pool/main/l/lighttpd/lighttpd_1.4.31-3.debian.tar.gz
wget http://ftp.us.debian.org/debian/pool/main/l/lighttpd/lighttpd_1.4.31.orig.tar.gz
tar xvzf lighttpd_1.4.31.orig.tar.gz
cd lighttpd-1.4.31/
tar xvzf ../lighttpd_1.4.31-3.debian.tar.gz
vi debian/control [and get rid of the dpkg-dev version dependency]
vi debian/rules [and get rid of the "export=config" line and the previous backslash]
patch -p1 <../ssl-compression.diff
debuild -us -uc [then install all of the dependencies it barks about and try again...]
cd ..
sudo dpkg -i lighttpd_1.4.31-3_amd64.deb
sudo /etc/init.d/lighttpd restart

And make sure these options are in your lighttpd ssl.conf:
ssl.cipher-list = "RC4-SHA:AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl.honor-cipher-order = "enable"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
ssl.use-compression = "disable"
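
One way to confirm the options above actually ended up in ssl.conf after the rebuild. This is an added example, not part of the original post or of lighttpd; the function names and the second sample config are constructed, and the parser assumes plain `key = "value"` lines without following includes or per-socket conditionals.

```python
import re

# Directives and values listed in the post.
REQUIRED = {
    "ssl.honor-cipher-order": "enable",
    "ssl.use-sslv2": "disable",
    "ssl.use-sslv3": "disable",
    "ssl.use-compression": "disable",
}

# Matches: key = "value", optionally followed by a trailing comment.
# Lines starting with '#' do not match, so commented-out settings are ignored.
ASSIGN = re.compile(r'^\s*([A-Za-z0-9_.-]+)\s*=\s*"([^"]*)"\s*(?:#.*)?$')

def parse_directives(text):
    """Return {directive: value}; a later assignment overrides an earlier one."""
    seen = {}
    for line in text.splitlines():
        m = ASSIGN.match(line)
        if m:
            seen[m.group(1)] = m.group(2)
    return seen

def audit(text):
    """Return a list of findings; an empty list means every setting is in place."""
    seen = parse_directives(text)
    findings = []
    if not seen.get("ssl.cipher-list"):
        findings.append("ssl.cipher-list: not set")
    for key, want in REQUIRED.items():
        got = seen.get(key)
        if got is None:
            findings.append(f'{key}: not set, want "{want}"')
        elif got != want:
            findings.append(f'{key}: is "{got}", want "{want}"')
    return findings

# The settings from the post.
PAGE_CONF = '''ssl.cipher-list = "RC4-SHA:AES256-SHA:AES128-SHA:DES-CBC3-SHA"
ssl.honor-cipher-order = "enable"
ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"
ssl.use-compression = "disable"
'''
# Constructed counter-example: SSLv3 left on, compression line commented out.
BAD_CONF = PAGE_CONF.replace('use-sslv3 = "disable"', 'use-sslv3 = "enable"') \
                    .replace("ssl.use-compression", "# ssl.use-compression")

if __name__ == "__main__":
    for name, conf in (("page", PAGE_CONF), ("constructed bad", BAD_CONF)):
        print(name, audit(conf) or "OK")
```

To check a live file, pass its contents to `audit()`, for example `audit(open(path).read())` with the path of your own ssl.conf.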