Negotiated cipher per proto (matching cipher in list missing). No further cipher order check has been done as order is determined by the client
kaushalshriyan at gmail.com
Wed Mar 11 16:57:25 UTC 2020
On Wed, Mar 11, 2020 at 6:36 PM Michael Wojcik <
Michael.Wojcik at microfocus.com> wrote:
> To enforce the server's cipher order, use SSL_CTX_set_options(*ctx*,
> SSL_CTX_get_options(*ctx*) | SSL_OP_CIPHER_SERVER_PREFERENCE).
> Testing server preferences
> Has server cipher order? no (NOT ok)
> No further cipher order check has been done as order is determined by the
Thanks for the email. I am not sure if i understand it completely. what
does the server's cipher order mean in layman's terms? Any example
regarding To enforce the server's cipher order, use
SSL_CTX_set_options(ctx, SSL_CTX_get_options(ctx) |
SSL_OP_CIPHER_SERVER_PREFERENCE) to set it in /etc/nginx/nginx.conf. I am
running Nginx web server.
I have the below settings in /etc/nginx/nginx.conf
listen 443 ssl;
Please suggest. I look forward to hearing from you and thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users