Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Nginx cipher selection
« previous
next »
Print
Pages: [
1
]
Author
Topic: Nginx cipher selection (Read 2294 times)
astuckey
Newbie
Posts: 31
Karma: 1
Nginx cipher selection
«
on:
September 21, 2020, 09:57:49 am »
In reference to post
https://forum.opnsense.org/index.php?topic=17151.0
to bring this to 20.7.
It isn't possible to modify the cipher list with the Nginx plugin, as it is hardcoded in a template. The current release is using weak ciphers as determined by SSLLabs.
We have written a patch which adds a drop-down list to the HTTP Server configuration for cipher selection.
Commit:
https://github.com/opnsense/plugins/commit/a694ac4cb65481df9abf7138c0eb7693a9e36d11
Logged
Fright
Hero Member
Posts: 1777
Karma: 164
Re: Nginx cipher selection
«
Reply #1 on:
September 21, 2020, 10:37:12 am »
it would be great!
(may be add some helpful link in help text area?
eg
https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#23-use-secure-cipher-suites
)
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
20.7 Legacy Series
»
Nginx cipher selection