Is there an original source linking Qualys report codes to codes in nginx configuration?

B.R. reallfqq-nginx at
Tue Jun 28 08:57:10 UTC 2016

nginx deals with an underlying library to manage TLS-ciphered content. The
webserver merely sends configuration data to it on startup/reload and uses
this library to do the actual (en/de)ciphering job.

The one officially supported is OpenSSL, for which cipher strings and
cipher suites are listed in its 'ciphers' module manual (man ciphers - best
- or - worst).
You should use then to feed the ssl_ciphers
directive. What is accepted ultimately depends on the version of OpenSSL
(or any other TLS library) your version of nginx is linked with.
*B. R.*

On Tue, Jun 28, 2016 at 5:22 AM, vfclists . <vfclists at> wrote:

> <>
> The online tool at Qualys for testing webserver SSL configurations,
>, produces a list of codes like
> etc.
> There are a lot of howtos on the net, but none of them show how to relate
> the actual string codes to those in the webservers. It is easy enough to
> use them but there is no knowning how they arrive at those settings in
> particular.
> Is there some kind of table relating the Qualys codes with the actual
> codes used in nginx configurations?
> --
> Frank Church
> =======================
> _______________________________________________
> nginx mailing list
> nginx at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list