Default SSL protocols

Calomel Org faraday at
Tue Oct 6 23:09:42 MSD 2009

I would vote to only allow the highest and most secure ciphers
supported by the majority of modern search bots and browsers.

 ssl on;
 ssl_ciphers HIGH:!ADH:!MD5;
 ssl_prefer_server_ciphers on;
 ssl_protocols SSLv3;

Do not allow export controlled, anonymous or MD5 ciphers due to their
weak encryption. Allow only AES 128 or 256 bit and 3DES 168 bit. 3DES
is necessary to allow most modern search bots like Google, Yahoo and
Bing access to the site if needed.

user at machine: openssl ciphers -ssl3 -v 'HIGH:!ADH:!MD5:@STRENGTH'
DHE-RSA-AES256-SHA   SSLv3 Kx=DH  Au=RSA  Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA   SSLv3 Kx=DH  Au=DSS  Enc=AES(256) Mac=SHA1
AES256-SHA           SSLv3 Kx=RSA Au=RSA  Enc=AES(256) Mac=SHA1
DES-CBC3-SHA         SSLv3 Kx=RSA Au=RSA  Enc=3DES(168) Mac=SHA1
DHE-RSA-AES128-SHA   SSLv3 Kx=DH  Au=RSA  Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA   SSLv3 Kx=DH  Au=DSS  Enc=AES(128) Mac=SHA1
AES128-SHA           SSLv3 Kx=RSA Au=RSA  Enc=AES(128) Mac=SHA1

My reasoning and detailed explanations can be found at:

  Guide to Webserver SSL Certificates

   Calomel @
   Open Source Research and Reference

On Sun, Oct 04, 2009 at 03:53:11PM -0400, Igor Sysoev wrote:
>On Sat, Oct 03, 2009 at 11:07:44PM +0100, Matt Goodall wrote:
>> I just noticed that the SSL module enables SSLv2 by default,
>> "ssl_protocols SSLv2 SSLv3 TLSv1 " (see
>> Given that SSLv2 is generally considered "weak" these days
>> ( and is
>> disabled in most modern browsers would it make sense to change the
>> default to "ssl_protocols SSLv3 TLSv1"?
>I thought to disable it by default some time ago.
>I will disable it in next 0.8.18 version.
>Igor Sysoev

More information about the nginx mailing list