logging which SSL cipher a client is using
kepler at calomel.org
Fri Jul 2 21:21:42 MSD 2010
Does anyone know of a way to log which SSL cipher a remote client
For example, if a Firefox v3.6.x client connects and uses AES256 with
Diffie-Hellman then I could log the cipher string
The Googlebot does not use AES or DH so they would connect using 3TDES
and log the cipher as DES-CBC3-SHA.
It would be good to know which ciphers client use and which they do
not. Then a web server admin would be able to get rid of unused and
possibly weak cipher suites.
Any ideas are welcome.
Calomel @ https://calomel.org
Open Source Research and Reference
More information about the nginx