Mercurial > hg > nginx-site
comparison xml/en/docs/http/configuring_https_servers.xml @ 393:b83d332fbdaa
Documented SSL changes in the upcoming 1.0.12 release.
| author | Ruslan Ermilov <ru@nginx.com> |
|---|---|
| date | Mon, 06 Feb 2012 08:54:43 +0000 |
| parents | a413dffb0557 |
| children | 6135f3c95bf6 |
comparison
equal
deleted
inserted
replaced
| 392:5fd99d37a3e6 | 393:b83d332fbdaa |
|---|---|
| 48 can be used to limit connections | 48 can be used to limit connections |
| 49 to include only the strong versions and ciphers of SSL/TLS. | 49 to include only the strong versions and ciphers of SSL/TLS. |
| 50 Since version 1.0.5, nginx uses “<literal>ssl_protocols SSLv3 TLSv1</literal>” | 50 Since version 1.0.5, nginx uses “<literal>ssl_protocols SSLv3 TLSv1</literal>” |
| 51 and “<literal>ssl_ciphers HIGH:!aNULL:!MD5</literal>” by default, | 51 and “<literal>ssl_ciphers HIGH:!aNULL:!MD5</literal>” by default, |
| 52 so configuring them explicitly only makes sense for the earlier nginx versions. | 52 so configuring them explicitly only makes sense for the earlier nginx versions. |
| 53 Since version 1.1.13, nginx uses | 53 Since versions 1.1.13 and 1.0.12, nginx uses |
| 54 “<literal>ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2</literal>” by default. | 54 “<literal>ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2</literal>” by default. |
| 55 </para> | 55 </para> |
| 56 | 56 |
| 57 <para> | 57 <para> |
| 58 CBC-mode ciphers might be vulnerable to a number of attacks and to | 58 CBC-mode ciphers might be vulnerable to a number of attacks and to |