|
|
|
|
|
|
by cowchase
4698 days ago
|
|
|
Here's a sample nginx config that would prefer PFS over other key exchanges if the client supports it and is not vulnerable to the BEAST attack: ssl_ciphers EECDH+AES:EDH+AES:-SHA1:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5
Source: http://stackoverflow.com/questions/17308690/how-do-i-enable-... |
|
|