SSL Handshake problems, nginx reverse web proxy.

Nathan lagern at lafayette.edu
Tue Nov 12 17:22:24 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On 11/12/2013 12:14 PM, Maxim Dounin wrote:
> Hello!
Hi!


> 
> As of nginx 1.5.6+, there is the proxy_ssl_protocols directive 
> exacly for this kind of problems.  Restricting proxy_ssl_ciphers to
> a smaller set may help too (again, in 1.5.6+).
> 
Good, so now all i have to do is convince Epel to carry a newer
version of nginx.

# rpm -qa | grep nginx
nginx-1.0.15-5.el6.x86_64

I could to and get an rpm elsewhere i'm sure, that breaks our
standards though.


Any other suggestions?


> See here for more details:
> 
> http://nginx.org/r/proxy_ssl_protocols 
> http://nginx.org/r/proxy_ssl_ciphers
> 

- -- 
- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Nathan Lager, RHCSA, RHCE, RHCVA (#110-011-426)
System Administrator
11 Pardee Hall
Lafayette College, Easton, PA 18042
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlKCY9AACgkQsZqG4IN3sulH2ACcD6rCaefiWyNC11WeHm29jXdq
nuEAn0JLJiK6ugUmmQY9csA0JAH9ietm
=eSmS
-----END PGP SIGNATURE-----



More information about the nginx mailing list