|
|
|
|
|
|
by nodesocket
4813 days ago
|
|
|
> I had the wrong ciphers configured. After some quick tweaking and a confirmation using openssl s_client -connect server:ip Is this in the nginx config? Can anybody elaborate a bit further? Here is what I am currently using in my nginx config for ssl: ssl_session_cache shared:SSL_CACHE:8m;
ssl_session_timeout 5m;
# Mitigate BEAST attacks
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
|
|
|
See https://gist.github.com/3rd-Eden/5345018 for the output of the openssl s_client for those ciphers. You'll see that `cipher : RC4-SHA` is used here. Which is one of the fastest if not the fastest cipher available.