Show all posts by user
Introduce yourselves
Page 1 of 1 Pages: 1
Results 1 - 4 of 4
Hello
this is my topology:
client(my laptop)--https-->reverse proxy(vm1)--https-->upstream(10.X.X.X vm2)
client (public ip 1.2.3.4)
reverse proxy (public ip 5.6.7.8 , nginx, trusted certificates sign by globalsign)
upstream (private ip 10.X.X.X , IIS8, certificates signed by my own CA)
I can access from laptop to upstream web application but, browser show me untrusted certificate.
by
Boris_Krizman
-
How to...
This i found on github from user kaduk when i google your error message from openssl command.
The TLS 1.3 ciphersuites are qualitatively different than ciphersuites prior to TLS 1.3 (e.g., in that the TLS 1.2 codepoints specify a key exchange mechanism but in TLS 1.3 that is separately negotiated). You have to use the -ciphersuites argument to configure them manually.
by
Boris_Krizman
-
How to...
TLS 1.3 requires that you specify the following AEAD (Authenticated Encryption with Associated Data) ciphers:
Try remove from nginx configuration ECDHE-ECDSA-CHACHA20 POLY1305:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES
and leve those three:
TLS13-CHACHA20-POLY1305-SHA256
TLS13-AES-256-GCM-SHA384
TLS13-AES-128-GCM-SHA256
You may tweak the order, but you should a
by
Boris_Krizman
-
How to...
Hello Everybody
I'm system engineer for small software company, We develop web application on saas platform. I want to became expert for NGINX services and that's why I am here.
by
Boris_Krizman
-
New Member Introductions