nginx centos build only supports SSLv3 and ignores ssl_protocols

mayak mayak at
Wed Oct 1 12:11:30 UTC 2014

hi all,

i have several nginx sites, and as i try to deploy ssl, i am having issues with `ssl_protocols`

ssl on;
ssl_certificate /etc/x509V6/domain.crt;
ssl_certificate_key /etc/x509V6/domain.key;

ssl_session_cache off;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;


this configuration can then be tested with:

SSLv2      NOT offered (ok)
SSLv3      offered
TLSv1      not offered
TLSv1.1    not offered
TLSv1.2    not offered
SPDY/NPN   http/1.1  (advertised)

so SSLv3 is still offered and SSLv1.2 is not offered.

any ideas on how to get the `ssl_protocols` to be parsed and respected by nginx?



More information about the nginx mailing list