Nginx cipher selection

Started by astuckey, September 21, 2020, 09:57:49 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 21, 2020, 09:57:49 AM
In reference to post https://forum.opnsense.org/index.php?topic=17151.0 to bring this to 20.7.

It isn't possible to modify the cipher list with the Nginx plugin, as it is hardcoded in a template.  The current release is using weak ciphers as determined by SSLLabs.

We have written a patch which adds a drop-down list to the HTTP Server configuration for cipher selection.

Commit: https://github.com/opnsense/plugins/commit/a694ac4cb65481df9abf7138c0eb7693a9e36d11

September 21, 2020, 10:37:12 AM #1
it would be great!
(may be add some helpful link in help text area?
eg https://github.com/ssllabs/research/wiki/SSL-and-TLS-Deployment-Best-Practices#23-use-secure-cipher-suites)
Print
Go Up Pages1
User actions