ssl/tls https with red cross

tariq wali ganaiwali at
Wed May 30 15:44:59 UTC 2012


Looking to get some help from the group .

We are running nginx/0.7.62 and notice that https with red-cross (either
the connection is not encrypted or the page has some non https content and
in my case it is no encrypted connection ) this is how thw config looks

 server {
        listen       443;
        access_log on;
        ssl on;
        ssl_protocols        SSLv3 TLSv1 ;
#        ssl_ciphers          HIGH:!aNULL:!MD5;
        keepalive_timeout    60;
       ssl_session_cache    shared:SSL:10m;
       ssl_session_timeout  10m;

I want to know if we really have to explicitly specify ssl_protocols and
ssl_ciphers in the config in order to be fully https for the said directive

Also does it make sense to enable ssl/tls support on apache also ? in my
case i have nginx in front of the apache .

*Tariq Wali.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list