hi all,
i have several nginx sites, and as i try to deploy ssl, i am having issues with `ssl_protocols`
<config>
....
ssl on;
ssl_certificate /etc/x509V6/domain.crt;
ssl_certificate_key /etc/x509V6/domain.key;
ssl_session_cache off;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;
....
</config>
this configuration can then be tested with: https://testssl.sh/testssl.sh
SSLv2 NOT offered (ok)
SSLv3 offered
TLSv1 not offered
TLSv1.1 not offered
TLSv1.2 not offered
SPDY/NPN http/1.1 (advertised)
so SSLv3 is still offered and SSLv1.2 is not offered.
any ideas on how to get the `ssl_protocols` to be parsed and respected by nginx?
thanks
m
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx