Welcome! Log In Create A New Profile

Advanced

Re: Getting forward secrecy enabled

October 02, 2013 01:34AM
hmm, looks like some mismatch: in yoiur config you define ECDH, but in your screenshot
i see DH configured (please compare your screenshot with the ssllabs-link i provided, esp.
the cipher-suites/handshake - part.

should be:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH 256 bits (eq. 3072 bits RSA) FS

is:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) DH 4096 bits



your openssl-version seems to be OK.

did you compiled nginx with your own version of openssl?

if not, what gives "openssl version" ?
SubjectAuthorPosted

Getting forward secrecy enabled

Anonymous UserOctober 02, 2013 12:13AM

Re: Getting forward secrecy enabled

mexOctober 02, 2013 12:52AM

Re: Getting forward secrecy enabled

mexOctober 02, 2013 01:00AM

Re: Getting forward secrecy enabled

Anonymous UserOctober 02, 2013 01:16AM

Re: Getting forward secrecy enabled

Anonymous UserOctober 02, 2013 01:18AM

Re: Getting forward secrecy enabled

mexOctober 02, 2013 01:34AM

Re: Getting forward secrecy enabled

Anonymous UserOctober 02, 2013 01:32AM

Re: Getting forward secrecy enabled

mexOctober 02, 2013 01:46AM

Re: Getting forward secrecy enabled

Anonymous UserOctober 02, 2013 01:57AM

Re: Getting forward secrecy enabled

mexOctober 02, 2013 02:29AM

Re: Getting forward secrecy enabled

Darren PilgrimOctober 02, 2013 04:26AM

Re: Getting forward secrecy enabled

mexOctober 10, 2013 11:42AM

Re: Getting forward secrecy enabled

Vahan YerkanianOctober 02, 2013 07:10AM

Re: Getting forward secrecy enabled

Anonymous UserOctober 03, 2013 02:29AM

Re: Getting forward secrecy enabled

Sergey BudnevitchOctober 03, 2013 08:38AM

Re: Getting forward secrecy enabled

Sergey BudnevitchOctober 03, 2013 09:18AM

Re: Getting forward secrecy enabled

Gena MakhomedOctober 03, 2013 09:30AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 113
Record Number of Users: 5 on December 17, 2014
Record Number of Guests: 180 on December 21, 2014
Powered by nginx    Powered by FreeBSD    PHP Powered    Powered by Percona     ipv6 ready