Maxim Dounin Wrote:
-------------------------------------------------------
> > [...]
>
> [...]
>
> Upgrade to nginx 1.15.3+, this problem is expected to be addressed by
> this commit:
>
> http://hg.nginx.org/nginx/rev/7ad0f4ace359
>
> Alternatively, you can modify (and/or disable via the OPENSSL_CONF
> environment variable specifically for nginx) system-wide OpenSSL
> configuration file which disables protocols before TLS 1.2.
>
> --
> Maxim Dounin
> http://mdounin.ru/
Thank you Maxim. Solved by editing /etc/ssl/openssl.conf
[system_default_sect]
-MinProtocol = TLSv1.2
+MinProtocol = TLSv1
I understand about OPENSSL_CONF env var just for nginx - but for me system wide is fine too.
Thanks again!