http/2 needs "weaker" ciphers?
Valentin V. Bartenev
vbart at nginx.com
Mon Oct 12 13:05:37 UTC 2015
On Friday 09 October 2015 10:14:24 p.heppler wrote:
> I'm running nginx 1.9.5 and switched from spdy to http/2.
> I wonder why I had to change my cipher list and add "weaker" ciphers?
>
> before (worked fine with spdy):
> ssl_ciphers 'AES256+EECDH:AES256+EDH';
>
> after:
> ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
>
See the HTTP/2 requirements:
https://tools.ietf.org/html/rfc7540#appendix-A
wbr, Valentin V. Bartenev
More information about the nginx
mailing list