<div dir="ltr">     Running SSL correctly goes deeper than just declaring ciphers, and at the least I'd recommend using the more modern versions with ECDHE unless there is a technical reason you cannot. That said:<div><br></div><div>     ssl_prefer_server_ciphers on;</div><div>     ssl_ciphers AES256-SHA256:AES256-SHA:AES128-SHA256:AES128-SHA:RC4-SHA:RC4-MD5:DES-CBC3-SHA;</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><b style="color:rgb(25,25,25)"><div style="color:rgb(0,0,0);font-weight:normal"><b style="color:rgb(25,25,25)"><font face="Lucida Grande" size="1"><div style="color:rgb(0,0,0);font-weight:normal"><br><table cellspacing="0" cellpadding="0" border="0" style="font-family:helvetica,sans-serif;font-size:12px"><tbody><tr><td width="90" style="text-align:center;border-right-width:1px;border-right-style:solid;border-right-color:rgb(186,186,186)"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/wdpiclogob_4x.png" alt="userimage" width="65" style="padding-bottom:5px"></td><td style="padding-left:15px"><p style="margin:1pt;padding:0px;color:rgb(37,173,224)">Scott Larson<a href="https://www.google.com/maps/place/4216+Glencoe+Ave,+Marina+Del+Rey,+CA+90292/@33.9892151,-118.4421334,17z/data=!3m1!4b1!4m2!3m1!1s0x80c2ba88ffae914d:0x14e1d00084d4d09c" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/labadgeg_4x.png" alt="los angeles" width="13" style="margin:2px 0px 0px 4px"></a></p><p style="margin:1pt;padding:0px 0px 6px;color:rgb(37,173,224)">Lead Systems Administrator</p><a href="https://www.wiredrive.com/" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/wdlogofooter_4x.png" alt="wdlogo" width="66" style="padding-left:2px;padding-right:2px"></a> <a href="https://www.linkedin.com/company/wiredrive" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/ic_in2_4x.png" alt="linkedin" width="13"></a> <a href="https://www.twitter.com/wiredrive" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/ic_tw_4x.png" alt="facebook" width="13"></a> <a href="https://www.facebook.com/wiredrive" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/ic_fb_4x.png" alt="twitter" width="13"></a> <a href="https://www.instagram.com/wiredrive" style="color:rgb(17,85,204)" target="_blank"><img src="http://marketing.wdcdn.net/wp-content/themes/email_images/sigimg/ic_ig_4x.png" alt="instagram" width="13"></a><p style="margin:1pt;padding:0px;color:rgb(158,158,158);font-size:11px">T <a href="tel:310%20823%208238%20x1106" value="+13108238238" style="color:rgb(17,85,204)" target="_blank">310 823 8238 x1106</a>  |  M <a href="tel:310%20904%208818" value="+13109048818" style="color:rgb(17,85,204)" target="_blank">310 904 8818</a></p></td></tr></tbody></table></div><div style="color:rgb(0,0,0);font-weight:normal"><div style="margin:0px"><div style="margin:0px"><font color="#007EFD"><span style="color:rgb(0,0,0)"><div style="margin:0px"><font color="#2498FC"><span style="color:rgb(0,0,0)"><div style="margin:0px;color:rgb(120,120,120)"><div style="margin:0px"><font color="#2498FC"></font></div></div></span></font></div></span></font></div></div></div></font></b></div></b></div></div></div></div></div>
<br><div class="gmail_quote">On Wed, Mar 18, 2015 at 2:55 PM, ManuelRighi <span dir="ltr"><<a href="mailto:nginx-forum@nginx.us" target="_blank">nginx-forum@nginx.us</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
I need to configure my nginx web server with only specific ssl ciphers.<br>
I need to use only this ciphers:<br>
<br>
TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)<br>
TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)<br>
TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)<br>
TLS_RSA_WITH_RC4_128_MD5 (0x0004)<br>
TLS_RSA_WITH_RC4_128_SHA (0x0005)<br>
TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)<br>
TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)<br>
<br>
<br>
Someone can help me on how I do ?<br>
<br>
Tnx<br>
Manuel<br>
<br>
Posted at Nginx Forum: <a href="http://forum.nginx.org/read.php?2,257416,257416#msg-257416" target="_blank">http://forum.nginx.org/read.php?2,257416,257416#msg-257416</a><br>
<br>
_______________________________________________<br>
nginx mailing list<br>
<a href="mailto:nginx@nginx.org">nginx@nginx.org</a><br>
<a href="http://mailman.nginx.org/mailman/listinfo/nginx" target="_blank">http://mailman.nginx.org/mailman/listinfo/nginx</a><br>
</blockquote></div><br></div>