Changes between Version 5 and Version 6 of Ticket #676, comment 8


Ignore:
Timestamp:
07/26/22 00:51:59 (4 months ago)
Author:
Thomas Spear

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #676, comment 8

    v5 v6  
    55If you need to require only TLSv1.3 for some endpoints and allow TLSv1.2 for some other endpoints, then you will need to have a second instance of nginx, or offload your SSL termination before traffic gets to the nginx instance, or some other method.
    66
    7 That being said, this is the most secure configuration I could come up with in 2022 using a single nginx instance. It's not perfect due to this issue but it's close.
     7That being said, this is the most secure configuration I could come up with in 2022 using a single nginx instance if you need to still allow TLSv1.2. It's not perfect due to this issue but it's close.
    88
    99In the default server configuration: