SSL ciphers, disable or not to disable RC4?
luky-37 at hotmail.com
Thu Jan 9 09:53:03 UTC 2014
> My current values in my nginx configuration for ssl_protocols/ciphers
> what i use is this:
> ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> ssl_ciphers RC4:HIGH:!aNULL:!MD5;
> ssl_prefer_server_ciphers on;
> What are todays recommendations for ssl_ciphers option for supporting
> all current OSes and browsers, even Windows XP users with IE?
> Can i disable RC4?
Personally, I'm following Mozillas deployment recommendations:
More information about the nginx