[PATCH] update default ssl_ciphers value

Thomas Ward teward at dark-net.net
Tue Aug 4 23:41:24 UTC 2015

> On Aug 4, 2015, at 19:11, Mike MacCana <mike.maccana at gmail.com> wrote:


> Would nginx accept a patch to include dh_params in the example config?
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel

I have it on good authority that Maxim or someone has a diff planned to change defaults so a patch for that probably won't be needed.

This also wouldn't necessarily be too helpful to be in the configuration as the DH parameters need to be generated separately and stored on their own then referenced by the ssl_dhparam parameter.  Inclusion in the configuration but commented out with a recommendation to set it up is what we do downstream I think, and likely would end up having to be done here so we don't get "missing file" load errors... I'll have to double check Debian and Ubuntu on that one though to determine what we do at that downstream...


*Sent from my iPhone.  Please excuse any typos, as they are likely to happen by accident.*

More information about the nginx-devel mailing list