Hi.
From what I have read over the years the order doesn't matter for this directive and it will use the highest SSL protocol version supported by both ends of the connection. I manage the configuration of Nginx on this server via the Certbott module and it has set the directive:
ssl_protocols TLSv1.2 TLSv1.3;
I get an A+ on Qualys SSL check.
Andrew.
-----Original Message-----
From: David Mehler via Blind-sysadmins
Sent: Thursday, May 9, 2024 7:29 PM
To: blind-sysadmins@lists.hodgsonfamily.org
Cc: David Mehler
Subject: [Blind-sysadmins] Nginx SSL question
Hello,
Do we have any advanced admins of the Nginx web server?
I'm doing some configuration changes on a spare Nginx web server to evaluate them before putting them on the main server. I've got a question on the ssl_protocols configuration option. I'm wanting to support only TLSv1.3 and TLSv1.2 I've seen configurations written in both of the following ways:
ssl_protocols TLSv1.3 TLSv1.2;
or:
ssl_protocols TLSv1.2 TLSv1.3;
Question, which is correct?
Thanks.
Dave.
--
Sent from Mozilla Thunderbird 91.13.1
_______________________________________________
Blind-sysadmins mailing list -- blind-sysadmins@lists.hodgsonfamily.org
To unsubscribe send an email to blind-sysadmins-leave@lists.hodgsonfamily.org