Welcome! Log In Create A New Profile

Re: logging which SSL cipher a client is using

Forum List Message List New Topic Print View

Calomel Org

July 02, 2010 02:26PM

Igor,

Thanks again. I see now that the variables in the ngx_http_ssl_module
can be used in logging. Works perfectly.

http://wiki.nginx.org/NginxHttpSslModule#Built-in_variables

--
Calomel @ https://calomel.org
Open Source Research and Reference

On Fri, Jul 02, 2010 at 02:09:42PM -0400, Igor Sysoev wrote:
>On Fri, Jul 02, 2010 at 01:21:42PM -0400, Calomel Org wrote:
>
>> Does anyone know of a way to log which SSL cipher a remote client
>> connects with?
>>
>> For example, if a Firefox v3.6.x client connects and uses AES256 with
>> Diffie-Hellman then I could log the cipher string
>> "DHE-RSA-AES256-SHA".
>>
>> The Googlebot does not use AES or DH so they would connect using 3TDES
>> and log the cipher as DES-CBC3-SHA.
>>
>>
>> It would be good to know which ciphers client use and which they do
>> not. Then a web server admin would be able to get rid of unused and
>> possibly weak cipher suites.
>>
>> Any ideas are welcome.
>
>$ssl_cipher
>
>
>--
>Igor Sysoev
>http://sysoev.ru/en/
>
>_______________________________________________
>nginx mailing list
>nginx@nginx.org
>http://nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Reply Quote

RSS

Subject	Author	Posted
logging which SSL cipher a client is using	Calomel Org	July 02, 2010 01:26PM
Re: logging which SSL cipher a client is using	Igor Sysoev	July 02, 2010 02:10PM
Re: logging which SSL cipher a client is using	Calomel Org	July 02, 2010 02:26PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 202

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018