Enable ECDHE cipher on nginx 1.2.4
September 06, 2022 02:04PM
Hi

For our legacy API service, we have nginx 1.2.4 installed on Centos 6.3

Our client have asked us to support ECDHE cipher which is not supported on nginx 1.2.4

I tried to add the required ciphers using below configuration

ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

But this did not work. I need help with-

1. How do I enable ECDHE with only configuration changes
2. Is this dependent on libssl or other component, if yes, is there a way to upgrade only the required components
3. In case nginx upgrade is the only option, I want to know which is the minimum version upgrade after 1.2.4 that supports ECDHE, This question itself has several challenges
3.1 RPMs and dockers are available only starting version 1.8, but I want to install older versions and only option looks like building from source. But the build fails at compilation so I dont know how to resolve it
3.2 In case I am forced to install version 1.8, how do I understand what potential impact it can have in terms of functionality and it will not break anything
How do I understand what will be impact of t
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 177
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready