Summary
@andreychek “Forward secrecy (FS), also known as perfect forward secrecy (PFS), is a property of secure communication protocols in which compromise of long-term keys does not compromise past session keys. Forward secrecy protects past sessions against future compromises of the private key. The very popular RSA key exchange doesn’t provide forward secrecy. You need to support and prefer ECDHE suites in order to enable forward secrecy with modern web browsers.”
Detail
- Related Virtualmin more recent ticket at Forward Secrecy - #6 by eclipse
- https://en.wikipedia.org/wiki/Forward_secrecy
- RFC 2412
- SSL and TLS Deployment Best Practices · ssllabs/research Wiki · GitHub
- https://archive.md/HwHAx#selection-1547.0-1555.396
Test
This free software allows you to test whether the SSL certificate presently installed on a domain name supports PFS: SSL Server Test (Powered by Qualys SSL Labs)
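The quoted advice to "support and prefer ECDHE suites" can also be checked offline against a server's cipher-suite preference list. The following is an added example, not part of the original post or of Virtualmin: the function names and the sample list are constructed for illustration, and the key exchange is inferred from the suite name only.

```python
# Suites whose key exchange is ephemeral Diffie-Hellman give forward secrecy.
# TLS 1.3 suite names carry no key exchange; full TLS 1.3 handshakes use (EC)DHE.
FS_KX = {"ECDHE", "DHE", "TLS1.3"}

def key_exchange(suite):
    """Infer the key exchange from an IANA or OpenSSL suite name."""
    s = suite.upper().replace("-", "_")
    if s.startswith("TLS_") and "_WITH_" not in s:
        return "TLS1.3"
    if s.startswith("TLS_"):
        s = s[len("TLS_"):]
    for kx in ("ECDHE", "DHE", "EDH", "ECDH", "DH", "PSK", "SRP"):
        if s.startswith(kx + "_"):
            return "DHE" if kx == "EDH" else kx   # EDH is an old OpenSSL alias
    # OpenSSL omits the prefix for static RSA (e.g. AES128-GCM-SHA256).
    # Unrecognised names also land here and are treated as non-FS.
    return "RSA"

def audit(preference_order):
    """preference_order: suites listed in the server's order of preference."""
    kx = [(name, key_exchange(name)) for name in preference_order]
    first_non_fs = next(
        (i for i, (_, k) in enumerate(kx) if k not in FS_KX), len(kx))
    return {
        "supports_fs": any(k in FS_KX for _, k in kx),
        "non_fs_suites": [n for n, k in kx if k not in FS_KX],
        # FS suites a client only reaches after a non-FS suite was on offer
        "fs_suites_ranked_below_non_fs": [
            n for i, (n, k) in enumerate(kx) if k in FS_KX and i > first_non_fs],
    }

# Constructed sample: a preference list with static-RSA suites mixed in.
SAMPLE = [
    "TLS_AES_128_GCM_SHA256",
    "AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "TLS_RSA_WITH_AES_256_CBC_SHA",
    "DHE-RSA-AES256-SHA",
]

if __name__ == "__main__":
    for key, value in audit(SAMPLE).items():
        print(key, "=", value)
```

An empty `non_fs_suites` list means every listed suite gives forward secrecy; an empty `fs_suites_ranked_below_non_fs` list means the forward-secret suites are preferred over any static-RSA ones that remain.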