ssl_prefer_server_ciphers vs. Android

Lukas Tribus luky-37 at
Thu May 1 23:40:02 UTC 2014

Hi Matthias,

> While ssl_prefer_server_ciphers usually works I've noticed some strange
> behaviour with Android. Firefox Sync uses with this settings "TLSv1
> RC4-SHA". When I remove all RC4 ciphers from that list, it chooses "TLSv1
> DHE-RSA-AES128-SHA". I'm wondering why it chooses RC4-SHA instead of
> DHE-RSA-AES128-SHA since it should have a higher priority.

Can you provide the capture file with the TLS handshake?




More information about the nginx mailing list