Shulou(Shulou.com)06/02 Report--

Editor to share with you only in the Nginx Web server to enable TLS1.2 method, I hope you read this article after the great gains, let's discuss it!

SSL2.0 and SSL3.0 have many known vulnerabilities, such as POODLE (CVE-2014-3566), which is why the latest browsers have removed support for these vulnerable protocols. It is recommended that you move the server to use the TLS version, especially TLS 1.2.

Enable TLS1.2 only in Nginx

Edit the Nginx server block section of the domain in the configuration file on the server and add the following ssl_protocols settings. This will enable only the TLSv1.2 protocol in the Nginx server block.

Ssl_protocols TLSv1.2

The simplest nginx server block to use ssl is as follows

Server {listen 443 ssl; server_name example.com; ssl_protocols TLSv1.2; ssl_certificate / etc/pki/tls/cert.pem; ssl_certificate_key / etc/pki/tls/private/privkey.pem

Enable both TLS 1.1 and 1.2

The poodle vulnerability extends from sslv3 to tls 1.0 and 1.1. Therefore, we do not recommend using it for production servers, but if you want to enable it for development. The following configuration can be performed.

Ssl_protocols TLSv1.2 TLSv1.1

After changing the configuration file, restart the nginx service to apply the new settings.

This article is all over here, more wonderful content you can follow the Linux video tutorials column!

After reading this article, I believe you have some understanding of how to enable TLS1.2 only in the Nginx Web server. If you want to know more about it, you are welcome to follow the industry information channel. Thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.