<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Да, только один.<br>
Пробовал еще включать и выключать http2 - ничего не меняется.<br>
</p>
<div class="moz-cite-prefix">28.09.2017 13:14, Alex Domoradov пишет:<br>
</div>
<blockquote type="cite"
cite="mid:CAK90gp6BCrTjCCMoig2P67XvuA7raO_DZC80qsEZ67=6QPCR7A@mail.gmail.com">
<div dir="ltr">
<div class="gmail_default"
style="font-family:verdana,sans-serif">А у вас только один ssl
хост?<br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Sep 28, 2017 at 12:59 PM,
Максим Баштовой <span dir="ltr"><<a
href="mailto:mail@sho0ter.com" target="_blank"
moz-do-not-send="true">mail@sho0ter.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div>
<p>nginx 1.13.5-1<br>
openssl 1.1.0f-5</p>
<p>ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;<br>
ssl_certificate /etc/nginx/ssl/chained.crt;<br>
ssl_certificate_key /etc/nginx/ssl/ssl.key;<br>
ssl_dhparam /etc/nginx/ssl/dhparam.pem;<br>
ssl_prefer_server_ciphers on;<br>
ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:<wbr>RSA+3DES:!NULL:!RC4;<br>
ssl_ecdh_curve prime256v1;<br>
ssl_session_cache shared:SSL:10m;<br>
ssl_session_tickets off;<br>
ssl_stapling on;<br>
ssl_stapling_verify on;<br>
ssl_trusted_certificate /etc/nginx/ssl/ocsp.crt;<br>
resolver 8.8.8.8 8.8.4.4 valid=300s;<br>
resolver_timeout 5s;<br>
add_header Strict-Transport-Security "max-age=31536000;
includeSubDomains; preload";<br>
#add_header X-Frame-Options SOMEORIGIN;<br>
add_header X-Content-Type-Options nosniff;<br>
add_header X-XSS-Protection "1; mode=block;";</p>
<p>SSL тест сообщает:</p>
<table class="m_-7356182935368050795reportTable
m_-7356182935368050795mceItemTable"
style="border-collapse:collapse;width:850px;margin:0px
10px 0px
0px;padding:0px;font-size:12px;line-height:20px;font-family:Arial,Helvetica,sans-serif;background-color:#fdfdfd">
<thead><tr>
<td class="m_-7356182935368050795tableHead"
style="color:#009ddf;font-weight:bold;padding-bottom:5px;vertical-align:middle;border-bottom:2px
solid #c6d2d4;font-size:13px" colspan="2">Protocols</td>
</tr>
</thead><tbody>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">TLS 1.3</td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">No</td>
</tr>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle"><font color="green">TLS
1.2</font></td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle"><font color="green">Yes</font></td>
</tr>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">TLS 1.1</td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">No</td>
</tr>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">TLS 1.0</td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">No</td>
</tr>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">SSL 3</td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">No</td>
</tr>
<tr class="m_-7356182935368050795tableRow">
<td class="m_-7356182935368050795tableLeft"
style="padding:3px 0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">SSL 2</td>
<td class="m_-7356182935368050795tableRight"
style="width:50px;text-align:right;padding:3px
0px;border-bottom:1px solid
#f0f0f0;vertical-align:middle">No</td>
</tr>
</tbody>
</table>
<p><br>
</p>
<p>Старые браузеры, соотв., поотваливались</p>
<p>Подскажите, пожалуйста, как вернуть поддержку старых
версий TLS?<br>
<br>
С уважением,<br>
Максим Баштовой<br>
<a href="http://www.sho0ter.com" target="_blank"
moz-do-not-send="true">www.sho0ter.com</a><br>
<a href="mailto:mail@sho0ter.com" target="_blank"
moz-do-not-send="true">mail@sho0ter.com</a></p>
</div>
<br>
______________________________<wbr>_________________<br>
nginx-ru mailing list<br>
<a href="mailto:nginx-ru@nginx.org" moz-do-not-send="true">nginx-ru@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx-ru"
rel="noreferrer" target="_blank" moz-do-not-send="true">http://mailman.nginx.org/<wbr>mailman/listinfo/nginx-ru</a><br>
</blockquote>
</div>
<br>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
nginx-ru mailing list
<a class="moz-txt-link-abbreviated" href="mailto:nginx-ru@nginx.org">nginx-ru@nginx.org</a>
<a class="moz-txt-link-freetext" href="http://mailman.nginx.org/mailman/listinfo/nginx-ru">http://mailman.nginx.org/mailman/listinfo/nginx-ru</a></pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
С уважением,
Максим "Sho0ter" Баштовой
<a class="moz-txt-link-abbreviated" href="http://www.sho0ter.com">www.sho0ter.com</a>
<a class="moz-txt-link-abbreviated" href="mailto:mail@sho0ter.com">mail@sho0ter.com</a></pre>
</body>
</html>