Welcome! Log In Create A New Profile

Advanced

RE: nginx centos build only supports SSLv3 and ignores ssl_protocols

Lukas Tribus
October 01, 2014 02:46PM
> btw, it seems impossible to have
>
> ...
> ssl_protocols TLSv1.2;
> ...
>
> and a testresult of
>
> SSLv2 NOT offered (ok)
> SSLv3 offered
> TLSv1 not offered
> TLSv1.1 not offered
> TLSv1.2 not offered

No, its very possible. A SSL_CTX_set_ssl_version() call can fail,
or the call itself can be #ifdef'ed out.



> iirc, openssl 1.0.1e should be able to provide tls 1.2, so
> it seems quite strange

It may be:
- the nginx centos 6 RPM is linked against openssl 0.9.8 AND
- when using a source build, you didn't stop and start the correct executable AND/OR
- you have some library mismatch/mess on your system


If you don't care about the possible mess on your system and want a fast fix,
just build it statically, as previously suggested.



Regards,

Lukas


_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
Subject Author Posted

nginx centos build only supports SSLv3 and ignores ssl_protocols

mayak October 01, 2014 08:12AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

mex October 01, 2014 08:33AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

mayak October 01, 2014 10:40AM

RE: nginx centos build only supports SSLv3 and ignores ssl_protocols

Lukas Tribus October 01, 2014 10:56AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

mayak October 01, 2014 11:12AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

mex October 01, 2014 01:26PM

RE: nginx centos build only supports SSLv3 and ignores ssl_protocols

Lukas Tribus October 01, 2014 02:46PM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

mayak October 01, 2014 04:48PM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols

GreenGecko October 01, 2014 06:18PM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols [solved -- found an issue in nginx]

mayak October 02, 2014 02:02AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols[solved -- found an issue in nginx]

Rob Stradling October 02, 2014 08:50AM

Re: nginx centos build only supports SSLv3 and ignores ssl_protocols[solved -- found an issue in nginx]

mayak October 02, 2014 01:34PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 127
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready