SSL Cipher suites settings in Nginx webserver

Kaushal Shriyan kaushalshriyan at gmail.com
Mon May 3 16:47:06 UTC 2021


Hi,

I am using Lets Encrypt SSL Certificates for Nginx 1.20.00 webserver
running on CentOS Linux release 7.9.2009 (Core). I will appreciate it if
someone can guide me to set the cipher suites in the Nginx Webserver
config. I am referring to https://ssl-config.mozilla.org/. Is there a way
to verify if the below cipher suites set are accurate and are free from any
vulnerabilities?

$openssl version
OpenSSL 1.0.2k-fips  26 Jan 2017
$cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
$nginx -v
nginx version: nginx/1.20.0

ssl_ciphers
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

Please guide and I look forward to hearing from you. Thanks in Advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20210503/99e3fc9e/attachment.htm>


More information about the nginx mailing list