Changes between Initial Version and Version 1 of Ticket #676, comment 8
- Timestamp:
- 07/26/22 00:41:30 (2 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #676, comment 8
initial v1 3 3 Due to what Maxim mentioned 8 years ago, whatever value is specified for ssl_protocols in the default server { } block is going to be set across all endpoints even if you try to override it in a specific non-default server { } block. 4 4 5 If you need TLSv1.3 only for some endpoints and TLSv1.2 allowedfor some other endpoints, then you will need to have a second instance of nginx, or offload your SSL termination before traffic gets to the nginx instance, or some other method.5 If you need to require only TLSv1.3 for some endpoints and allow TLSv1.2 for some other endpoints, then you will need to have a second instance of nginx, or offload your SSL termination before traffic gets to the nginx instance, or some other method. 6 6 7 7 That being said, this is the most secure configuration I could come up with in 2022 using a single nginx instance. It's not perfect due to this issue but it's close.
