Closed yepmen closed 2 years ago
it does not working, may i need to recompile nginx-more from source code? thanks you!
TLSv1.0, TLSv1.1, TLSv1.2, TLSv1.3 is working with nginx-more-1.20.4 on my server Centos 7.9, but when i upgraded to nginx-more-1.22 by YUM, TLSv1.0, TLSv1.1 does not working anymore.
Hello,
Did you add @SECLEVEL=0
to your ciphers list like I said? It works well for me on CentOS 7 with nginx-more 1.22, see testssl.sh results:
Testing protocols via sockets except NPN+ALPN
SSLv2 not offered (OK)
SSLv3 not offered (OK)
TLS 1 offered (deprecated)
TLS 1.1 offered (deprecated)
TLS 1.2 offered (OK)
TLS 1.3 offered (OK): final
NPN/SPDY not offered
ALPN/HTTP2 h2, http/1.1 (offered)
It workes now, thanks!
Hello,
You need to add
@SECLEVEL=0
to your cipher list.See: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_set_security_level.html
Karl