Getting forward secrecy enabled
mex
nginx-forum at nginx.us
Wed Oct 2 05:46:50 UTC 2013
how did you compiled nginx, with openssl-sources via
--with-openssl=/path/to/sources ?
i could imagine that, if not, your (outdated) distros openssl-dev might be
used.
i have this issue when compiling nginx on debian; i have to download openssl
and
point nginx where to find the sources
but since openssl recognizes openssl 1.0.1e ... this seems fishy somehow, as
if you
are potentially capable of PFS, but are not able to deliver, for whatever
reason.
all i did for makepw.com was:
./configure ... --with-http_spdy_module --with-http_ssl_module
--with-openssl=/path/to/openssl_source/ ...
then i configured the cipher-suites according to recomendations from ivan
ristic.
Posted at Nginx Forum: http://forum.nginx.org/read.php?2,243341,243349#msg-243349
More information about the nginx
mailing list