Nginx我无法在ssl_ciphers配置中禁用RC4密码
网络上有多个示例,但我无法让Nginx禁用RC4 使用openSSL 1.0.1h构建的Nginx是1.14.2
我尝试了Mozilla推荐的设置 尝试过!RC4,具有多种变体
不确定我在这里缺少什么。
ssl_certificate /etc/letsencrypt/live/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/privkey.pem;
ssl on;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!eNULL:!EXPORT:!RC4:!MD5:!PSK;
ssl_ecdh_curve secp384r1;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:20m;
ssl_session_tickets off;
ssl_stapling on;
ssl_stapling_verify on;
ssl_dhparam /etc/nginx/dhparam.pem;