SSL: $ssl_ciphers (ticket #870). The variable contains list of ciphers as supported by the client. Known ciphers are listed by their names, unknown ones are shown in hex, e.g., ""AES128-SHA:AES256-SHA:0x00ff". The variable is fully supported only when using OpenSSL 1.0.2 and above. With older version there is an attempt to provide some information using SSL_get_shared_ciphers(). It only lists known ciphers though. Moreover, as OpenSSL uses session data for SSL_get_shared_ciphers(), and it doesn't store relevant data when serializing a session. As a result $ssl_ciphers is only available for new sessions (and not available for reused ones) when using OpenSSL older than 1.0.2.

--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -276,6 +276,9 @@ static ngx_http_variable_t  ngx_http_ssl
     { ngx_string("ssl_cipher"), NULL, ngx_http_ssl_static_variable,
       (uintptr_t) ngx_ssl_get_cipher_name, NGX_HTTP_VAR_CHANGEABLE, 0 },
 
+    { ngx_string("ssl_ciphers"), NULL, ngx_http_ssl_variable,
+      (uintptr_t) ngx_ssl_get_ciphers, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
     { ngx_string("ssl_session_id"), NULL, ngx_http_ssl_variable,
       (uintptr_t) ngx_ssl_get_session_id, NGX_HTTP_VAR_CHANGEABLE, 0 },