SSL ciphers, disable or not to disable RC4?

Pekka.Panula at sofor.fi Pekka.Panula at sofor.fi
Thu Jan 9 09:29:11 UTC 2014


Hi

My current values in my nginx configuration for ssl_protocols/ciphers what 
i use is this:

ssl_protocols      SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers          RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers   on;

What are todays recommendations for ssl_ciphers option for supporting all 
current OSes and browsers, even Windows XP users with IE?
Can i disable RC4?

My nginx is compiled with OpenSSL v1.0.1.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20140109/4a88f6d4/attachment.html>


More information about the nginx mailing list