logging which SSL cipher a client is using
kepler at calomel.org
Fri Jul 2 22:15:01 MSD 2010
Thanks again. I see now that the variables in the ngx_http_ssl_module
can be used in logging. Works perfectly.
Calomel @ https://calomel.org
Open Source Research and Reference
On Fri, Jul 02, 2010 at 02:09:42PM -0400, Igor Sysoev wrote:
>On Fri, Jul 02, 2010 at 01:21:42PM -0400, Calomel Org wrote:
>> Does anyone know of a way to log which SSL cipher a remote client
>> connects with?
>> For example, if a Firefox v3.6.x client connects and uses AES256 with
>> Diffie-Hellman then I could log the cipher string
>> The Googlebot does not use AES or DH so they would connect using 3TDES
>> and log the cipher as DES-CBC3-SHA.
>> It would be good to know which ciphers client use and which they do
>> not. Then a web server admin would be able to get rid of unused and
>> possibly weak cipher suites.
>> Any ideas are welcome.
>nginx mailing list
>nginx at nginx.org
More information about the nginx