Difference between revisions of "SSL"
Jump to navigation
Jump to search
↑ http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_prefer_server_ciphers
(15 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
Deprecated since 2011. See [[TLS]] | Deprecated since 2011. See [[TLS]] | ||
+ | |||
+ | {{SSL TOC}} | ||
+ | |||
+ | |||
<code>[[nginx.conf]]</code> | <code>[[nginx.conf]]</code> | ||
{{Nginx SSL directives}} | {{Nginx SSL directives}} | ||
− | === Related | + | == Errors == |
+ | * [[unable to get local issuer certificate]] | ||
+ | |||
+ | == Related == | ||
* <code>[[openssl]]</code> | * <code>[[openssl]]</code> | ||
− | + | * <code>[[sslscan]]</code> | |
+ | * <code>[[SSL_ERROR_UNRECOGNIZED_NAME_ALERT]]</code> | ||
+ | * [[SSL Certificate Checker]] | ||
+ | * [[526 Invalid SSL certificate]] | ||
== See also == | == See also == | ||
+ | * {{SSL}} | ||
+ | * {{TSL}} | ||
* {{HTTPS}} | * {{HTTPS}} | ||
− | + | ||
[[Category:IT Security]] | [[Category:IT Security]] |
Latest revision as of 14:55, 16 March 2024
Deprecated since 2011. See TLS
ssl_certificate /etc/nginx/ssl/example.pem;
ssl_certificate_key /etc/nginx/ssl/example.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
server ciphers should be preferred over client ciphers when using the SSLv3 and TLS protocols[1]
ssl_certificate /etc/letsencrypt/live/www.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/www.example.com/privkey.pem;
Errors[edit]
Related[edit]
openssl
sslscan
SSL_ERROR_UNRECOGNIZED_NAME_ALERT
- SSL Certificate Checker
- 526 Invalid SSL certificate
See also[edit]
- SSL: OpenSSL, LibreSSL, wolfSSL, BoringSSL, SSL pinning,
/etc/ssl/certs/
,ca-certificates
,/etc/ssl/, sslscan2
- TLS, mTLS: OpenSSL, LibreSSL, BoringSSL, WolfSSL, X.509,
.pem
, SNI, CT, OCSP, Mbed TLS, ALPN,your connection is not private
, SSL Certificate Checker, Wildcard certificate, JA3 fingerprint, sslcan, TLS inspection - HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL
, WebSockets, WebRTC,ssl_certificate
QUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure
, Axios HTTP client, HTTP cookies, HTTP ETag, Hypertext Transfer Protocol -- HTTP/1.1
Advertising: