Hi
For our legacy API service, we have nginx 1.2.4 installed on Centos 6.3
Our client have asked us to support ECDHE cipher which is not supported on nginx 1.2.4
I tried to add the required ciphers using below configuration
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
But this did not work. I need help with-
1. How do I enable ECDHE with only configuration changes
2. Is this dependent on libssl or other component, if yes, is there a way to upgrade only the required components
3. In case nginx upgrade is the only option, I want to know which is the minimum version upgrade after 1.2.4 that supports ECDHE, This question itself has several challenges
3.1 RPMs and dockers are available only starting version 1.8, but I want to install older versions and only option looks like building from source. But the build fails at compilation so I dont know how to resolve it
3.2 In case I am forced to install version 1.8, how do I understand what potential impact it can have in terms of functionality and it will not break anything
How do I understand what will be impact of t