Hello,
I have the correct variables enabled in my sites-available/default and ssllabs reports that TLS v1 is available, but TLS v1.1 and TLS v1.2 are not:
ssl_protocols TLSv1.1 TLSv1.2 TLSv1 SSLv3;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
I am using the pre-built nginx 1.2 packages from 'deb http://nginx.org/packages/ubuntu/ oneiric nginx' and I would like to enable TLS 1.1/1.2. I'm running OpenSSL 1.0.0e and I understand I need to run at least 1.0.1 for TLS 1.1/1.2 to be supported.
Is this a matter of just upgrading OpenSSL at the Ubuntu (Linux) level, or will I need to build Nginx from source with the OpenSSL 1.0.1 libs?
As a secondary question, have any dates been thrown around as to when packages will be released that enable TLS v1.1/v1.2?
Thanks as always,
Matt