Getting forward secrecy enabled

mex nginx-forum at
Wed Oct 2 05:46:50 UTC 2013

how did you compiled nginx, with openssl-sources via
--with-openssl=/path/to/sources ?
i could imagine that, if not, your (outdated) distros openssl-dev might be

i have this issue when compiling nginx on debian; i have to download openssl
point nginx where to find the sources

but since openssl recognizes openssl 1.0.1e ... this seems fishy somehow, as
if you
are potentially capable of PFS, but are not able to deliver, for whatever

all i did for was:

 ./configure  ... --with-http_spdy_module --with-http_ssl_module 
--with-openssl=/path/to/openssl_source/ ...

then i configured the cipher-suites according to recomendations from ivan

Posted at Nginx Forum:,243341,243349#msg-243349

More information about the nginx mailing list