Mercurial > hg > nginx-site
comparison xml/en/docs/http/configuring_https_servers.xml @ 38:abf4325d6996
- Short note about non-CBC, without any implicit suggestions
author | Andrey Alexeev <andrew@nginx.com> |
---|---|
date | Sat, 01 Oct 2011 11:20:24 +0000 |
parents | b33866d80056 |
children | 79e9dff80d25 |
comparison
equal
deleted
inserted
replaced
37:b33866d80056 | 38:abf4325d6996 |
---|---|
22 ssl_certificate_key www.nginx.com.key; | 22 ssl_certificate_key www.nginx.com.key; |
23 ssl_protocols SSLv3 TLSv1; | 23 ssl_protocols SSLv3 TLSv1; |
24 ssl_ciphers HIGH:!aNULL:!MD5; | 24 ssl_ciphers HIGH:!aNULL:!MD5; |
25 ... | 25 ... |
26 } | 26 } |
27 </programlisting> | |
28 | |
29 If you are going to use non-CBC ciphers only, you can put in the following directive: | |
30 | |
31 <programlisting> | |
32 ssl_ciphers RC4-SHA; | |
27 </programlisting> | 33 </programlisting> |
28 | 34 |
29 The server certificate is a public entity. | 35 The server certificate is a public entity. |
30 It is sent to every client that connects to the server. | 36 It is sent to every client that connects to the server. |
31 The private key is a secure entity and should be stored in a file with | 37 The private key is a secure entity and should be stored in a file with |