Nginx + SSL problem for old browsers

Reinis Rozitis r at
Fri Nov 24 10:26:10 UTC 2017

> Could this be because of the lack of SNI support on old browsers?

It's possible. 
But you should be able to tell on the client itself - if there is ssl cert domain mismatch or the client can't connect at all.

Imo the easiest way to check 

p.s. newer Openssl (1.1.x) versions by default disable weak ciphers. So depending on how your nginx/openssl is compiled the actual cipher list might be different to the configuration line.


More information about the nginx mailing list