[spindritf]

   > add-apt-repository ppa:nginx/stable

I don't think this is a good idea. It's a bit unclear on their wiki[1] but they have an official repository maintained by nginx.org

    deb http://nginx.org/packages/ubuntu/ lucid nginx
    deb-src http://nginx.org/packages/ubuntu/ lucid nginx

(substitute your Ubuntu version for lucid, obviously)

and separately the PPA you're using but "this PPA is maintained by volunteers and is not distributed by nginx.org." How committed are those volunteers? Do you want to find out on your server?

The official repository carries nginx 1.4.2 (I use it with raring) which works with at least TLS 1.1 (that's what Chrome tells me about the connection).

EDIT: Qualsys gives my setup an A, with a pat on the back for supporting forward secrecy and a warning that I'm vulnerable to the BEAST attack. Apparently, I also support TLS 1.2, what do you know.

[1] http://wiki.nginx.org/Install#Official_Debian.2FUbuntu_packa...

[jolan]

They actually package both 1.4.x and 1.5.x:

http://nginx.org/en/linux_packages.html#stable

http://nginx.org/en/linux_packages.html#mainline

[davidp]

Thanks for this. Does "mainline" mean "unstable/development"? I briefly looked around on nginx.org but couldn't find a description of the difference.

[plentz]

I agree that having a PPA isn't the best thing in the world, but this one is very stable(I'm using it for quite some time). Anyway, I will update the post to use the official repo, since it's really a better option. Thanks :)

[plentz]

Problem solved! I've updated the post to use the official repository(I've updated my step-by-step) :)

Thanks for the contribution