XP/IE8 HTTPS support :(
Lukas Tribus
luky-37 at hotmail.com
Mon Oct 20 15:55:10 UTC 2014
> I have a few users that are having issues with my website now that I
> disabled SSLv3. Turns out the only cipher that would/should work with
> XP/IE8 is TLS1.0: "TLS_RSA_WITH_3DES_EDE_CBC_SHA" (there are two RC4's
> that also work, but I understand that is really not recommended).
>
> Can anyone tell me how to add this to my ssl_ciphers? (I don't fully
> understand the shorthand in the list.)
> I see that, based on a recommendation, I do have "!3DES" in the list.
> If anyone has any other recommendations to support XP/IE8 with TLS1.0
> in the most secure manner, I appreciate all feedback!
>
> Also, if I put this one last in the list, can I assume it will be the
> least preferred by nginx?
Read here:
https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configuration
Lukas
More information about the nginx
mailing list