Is there an original source linking Qualys report codes to codes in nginx configuration?
reallfqq-nginx at yahoo.fr
Tue Jun 28 08:57:10 UTC 2016
nginx deals with an underlying library to manage TLS-ciphered content. The
webserver merely sends configuration data to it on startup/reload and uses
this library to do the actual (en/de)ciphering job.
The one officially supported is OpenSSL, for which cipher strings and
cipher suites are listed in its 'ciphers' module manual (man ciphers - best
- or https://www.openssl.org/docs/manmaster/apps/ciphers.html - worst).
You should use then to feed the ssl_ciphers
directive. What is accepted ultimately depends on the version of OpenSSL
(or any other TLS library) your version of nginx is linked with.
On Tue, Jun 28, 2016 at 5:22 AM, vfclists . <vfclists at gmail.com> wrote:
> The online tool at Qualys for testing webserver SSL configurations,
> https://www.ssllabs.com/ssltest/index.html, produces a list of codes like
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
> There are a lot of howtos on the net, but none of them show how to relate
> the actual string codes to those in the webservers. It is easy enough to
> use them but there is no knowning how they arrive at those settings in
> Is there some kind of table relating the Qualys codes with the actual
> codes used in nginx configurations?
> Frank Church
> nginx mailing list
> nginx at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the nginx