Opened 12 years ago
Last modified 12 years ago
#177 closed defect
docs: default ssl_ciphers value should be corrected — at Version 4
Reported by: | Артем Давыдов | Owned by: | Ruslan Ermilov |
---|---|---|---|
Priority: | minor | Milestone: | |
Component: | other | Version: | |
Keywords: | ssl insecure ciphersuites | Cc: | |
uname -a: | |||
nginx -V: |
nginx version: nginx/1.2.1
TLS SNI support enabled configure arguments: --prefix=/usr/local/etc/nginx --with-cc-opt='-I /usr/local/include' --with-ld-opt='-L /usr/local/lib' --conf-path=/usr/local/etc/nginx/nginx.conf --sbin-path=/usr/local/sbin/nginx --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx-error.log --user=www --group=www --with-file-aio --http-client-body-temp-path=/var/tmp/nginx/client_body_temp --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi_temp --http-proxy-temp-path=/var/tmp/nginx/proxy_temp --http-scgi-temp-path=/var/tmp/nginx/scgi_temp --http-uwsgi-temp-path=/var/tmp/nginx/uwsgi_temp --http-log-path=/var/log/nginx-access.log --with-http_flv_module --with-http_gzip_static_module --with-http_stub_status_module --with-pcre --with-http_ssl_module |
Description (last modified by )
Documentation for ssl_ciphers needs updating, it still lists "HIGH:!ADH:!MD5" (and suggests to use !ADH in the example).
Change History (4)
comment:1 by , 12 years ago
Resolution: | → invalid |
---|---|
Status: | new → closed |
comment:2 by , 12 years ago
Maxim, then documentation should be changed to reflect this. It still states that insecure defaults are being used.
http://www.nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers
http://www.nginx.org/ru/docs/http/ngx_http_ssl_module.html#ssl_ciphers
Btw, is there any track for documentation errata?
comment:3 by , 12 years ago
Resolution: | invalid |
---|---|
Status: | closed → reopened |
comment:4 by , 12 years ago
Component: | nginx-module → other |
---|---|
Description: | modified (diff) |
Owner: | changed from | to
Status: | reopened → assigned |
Summary: | Default ssl_ciphers value should be corrected → docs: default ssl_ciphers value should be corrected |
Version: | 1.2.x |
Yes, docs should be updated. Ruslan is looking into this.
Note:
See TracTickets
for help on using tickets.
Default is HIGH:!aNULL:!MD5 since 1.0.5.