Welcome! Log In Create A New Profile

Advanced

Re: Default SSL protocols

Previous Message Next Message
Forum List Message List New Topic Print View
Ray
October 04, 2009 07:34AM
Yeps I agree on that point. Wonder what the others think of this?

Just for reference/discussion, I set my SSL parameters to be as such:
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:MEDIUM:!SSLv2:!aNULL:@STRENGTH;

Ray

On Sun, Oct 4, 2009 at 6:07 AM, Matt Goodall <matt.goodall@gmail.com> wrote:

> Hi,
>
> I just noticed that the SSL module enables SSLv2 by default,
> "ssl_protocols SSLv2 SSLv3 TLSv1 " (see
> http://wiki.nginx.org/NginxHttpSslModule#ssl_protocols).
>
> Given that SSLv2 is generally considered "weak" these days
> (http://en.wikipedia.org/wiki/Secure_Sockets_Layer#Security) and is
> disabled in most modern browsers would it make sense to change the
> default to "ssl_protocols SSLv3 TLSv1"?
>
> - Matt
>
>
Reply Quote
RSS
Subject Author Posted

Default SSL protocols

Matt Goodall October 03, 2009 06:12PM

Re: Default SSL protocols

Ray October 04, 2009 07:34AM

Re: Default SSL protocols

Igor Sysoev October 04, 2009 03:42PM

Re: Default SSL protocols

Calomel Org October 06, 2009 03:28PM

Re: Default SSL protocols

mike October 06, 2009 03:38PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 152
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready