Mercurial > hg > nginx-site
comparison xml/en/docs/http/configuring_https_servers.xml @ 38:abf4325d6996
- Short note about non-CBC, without any implicit suggestions
| author | Andrey Alexeev <andrew@nginx.com> |
|---|---|
| date | Sat, 01 Oct 2011 11:20:24 +0000 |
| parents | b33866d80056 |
| children | 79e9dff80d25 |
comparison
equal
deleted
inserted
replaced
| 37:b33866d80056 | 38:abf4325d6996 |
|---|---|
| 22 ssl_certificate_key www.nginx.com.key; | 22 ssl_certificate_key www.nginx.com.key; |
| 23 ssl_protocols SSLv3 TLSv1; | 23 ssl_protocols SSLv3 TLSv1; |
| 24 ssl_ciphers HIGH:!aNULL:!MD5; | 24 ssl_ciphers HIGH:!aNULL:!MD5; |
| 25 ... | 25 ... |
| 26 } | 26 } |
| 27 </programlisting> | |
| 28 | |
| 29 If you are going to use non-CBC ciphers only, you can put in the following directive: | |
| 30 | |
| 31 <programlisting> | |
| 32 ssl_ciphers RC4-SHA; | |
| 27 </programlisting> | 33 </programlisting> |
| 28 | 34 |
| 29 The server certificate is a public entity. | 35 The server certificate is a public entity. |
| 30 It is sent to every client that connects to the server. | 36 It is sent to every client that connects to the server. |
| 31 The private key is a secure entity and should be stored in a file with | 37 The private key is a secure entity and should be stored in a file with |