Mercurial > hg > nginx-site
comparison xml/en/docs/http/configuring_https_servers.xml @ 374:a413dffb0557
Replaced "a href" with "link doc" / "link url".
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Mon, 30 Jan 2012 10:39:42 +0000 |
| parents | 95d5dc7c9884 |
| children | b83d332fbdaa |
comparison
equal
deleted
inserted
replaced
| 373:e179a6487bbd | 374:a413dffb0557 |
|---|---|
| 55 </para> | 55 </para> |
| 56 | 56 |
| 57 <para> | 57 <para> |
| 58 CBC-mode ciphers might be vulnerable to a number of attacks and to | 58 CBC-mode ciphers might be vulnerable to a number of attacks and to |
| 59 the BEAST attack in particular (see | 59 the BEAST attack in particular (see |
| 60 <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389">CVE-2011-3389</a>). | 60 <link url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389">CVE-2011-3389</link>). |
| 61 Configuration of ciphers can be adjusted to prefer RC4-SHA as the following: | 61 Configuration of ciphers can be adjusted to prefer RC4-SHA as the following: |
| 62 | 62 |
| 63 <programlisting> | 63 <programlisting> |
| 64 ssl_ciphers RC4:HIGH:!aNULL:!MD5; | 64 ssl_ciphers RC4:HIGH:!aNULL:!MD5; |
| 65 ssl_prefer_server_ciphers on; | 65 ssl_prefer_server_ciphers on; |
| 360 <section id="sni" name="Server Name Indication"> | 360 <section id="sni" name="Server Name Indication"> |
| 361 | 361 |
| 362 <para> | 362 <para> |
| 363 A more generic solution for running several HTTPS servers on a single | 363 A more generic solution for running several HTTPS servers on a single |
| 364 IP address is | 364 IP address is |
| 365 <a href="http://en.wikipedia.org/wiki/Server_Name_Indication">TLSv1.1 | 365 <link url="http://en.wikipedia.org/wiki/Server_Name_Indication">TLSv1.1 |
| 366 Server Name Indication extension</a> (SNI, RFC3546), | 366 Server Name Indication extension</link> (SNI, RFC3546), |
| 367 which allows a browser to pass a requested server name during the SSL handshake | 367 which allows a browser to pass a requested server name during the SSL handshake |
| 368 and, therefore, the server will know which certificate it should use | 368 and, therefore, the server will know which certificate it should use |
| 369 for the connection. | 369 for the connection. |
| 370 However, SNI has limited browser support. | 370 However, SNI has limited browser support. |
| 371 Currently it is supported starting with the following browsers versions: | 371 Currently it is supported starting with the following browsers versions: |