Mercurial > hg > nginx-site
changeset 538:58dd64aef626
Documented ciphers used by default in modern nginx versions (closes #177).
author | Ruslan Ermilov <ru@nginx.com> |
---|---|
date | Mon, 18 Jun 2012 14:39:03 +0000 |
parents | 288416af739a |
children | 785eff9d1bfa |
files | xml/en/docs/http/ngx_http_ssl_module.xml xml/ru/docs/http/ngx_http_ssl_module.xml |
diffstat | 2 files changed, 20 insertions(+), 4 deletions(-) [+] |
line wrap: on
line diff
--- a/xml/en/docs/http/ngx_http_ssl_module.xml +++ b/xml/en/docs/http/ngx_http_ssl_module.xml @@ -155,7 +155,7 @@ for the given virtual server. <directive name="ssl_ciphers"> <syntax><value>ciphers</value></syntax> -<default>HIGH:!ADH:!MD5</default> +<default>HIGH:!aNULL:!MD5</default> <context>http</context> <context>server</context> @@ -164,7 +164,7 @@ Specifies the enabled ciphers. The ciphers are specified in the format understood by the OpenSSL library, for example: <example> -ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; +ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; </example> </para> @@ -173,6 +173,14 @@ The full list can be viewed using the “<command>openssl ciphers</command>” command. </para> +<para> +<note> +The previous versions of nginx used +<link doc="configuring_https_servers.xml" id="compatibility">different</link> +ciphers by default. +</note> +</para> + </directive>
--- a/xml/ru/docs/http/ngx_http_ssl_module.xml +++ b/xml/ru/docs/http/ngx_http_ssl_module.xml @@ -153,7 +153,7 @@ server { <directive name="ssl_ciphers"> <syntax><value>шифры</value></syntax> -<default>HIGH:!ADH:!MD5</default> +<default>HIGH:!aNULL:!MD5</default> <context>http</context> <context>server</context> @@ -162,7 +162,7 @@ server { Шифры задаются в формате, поддерживаемом библиотекой OpenSSL, например: <example> -ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; +ssl_ciphers ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; </example> </para> @@ -171,6 +171,14 @@ ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+ “<command>openssl ciphers</command>”. </para> +<para> +<note> +В предыдущих версиях nginx по умолчанию использовались +<link doc="configuring_https_servers.xml" id="compatibility">другие</link> +шифры. +</note> +</para> + </directive>