You could try using the cipher configuration recommended by Ivan Ristić / ssllabs.com, as described here: http://blog.ivanristic.com/2013/08/configuring-apache-nginx-and-openssl-for-forward-secrecy.html
Restart nginx and check what cipher is being offered. The highest cipher supported by both client and server should be negotiated. You could also try compiling nginx with a newer version of OpenSSL as static libraries (or maybe upgrade and use LibreSSL?) and retry the above procedure. And also, check the about:config page in Firefox, make sure the maximum supported TLS version is 1.2 by changing security.tls.version.max to value 3. On Wed, Jul 2, 2014 at 7:52 PM, Ez Egy <ezegyemailcim...@gmail.com> wrote: > > Since these two are using GCM: > > www.ssllabs.com: ECDHE-RSA-AES256-GCM-SHA384 > www.google.com: ECDHE-RSA-AES128-GCM-SHA256 > > We wanted to make our webserver HTTPS connection more secure (don't look at > the self-signed certificate, that doesn't count right now..) > > We are using an OpenBSD 5.4 64bit, and the "openssl ciphers" command says > that it supports the "ECDHE-RSA-AES256-GCM-SHA384" cipher. On client side > there is Firefox 30 at least. > > So here is how we setup the HTTPS server: > > # generate self signed certificate > openssl genrsa -aes256 -out /etc/ssl/private/server.key 4096 > openssl req -new -key /etc/ssl/private/server.key -out > /etc/ssl/private/server.csr > openssl x509 -sha512 -req -days 365 -in /etc/ssl/private/server.csr > -signkey /etc/ssl/private/server.key -out /etc/ssl/server.crt > > The config: > > vi /etc/nginx/nginx.conf > ... > ssl_protocols TLSv1.2; > ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384; > ssl_prefer_server_ciphers on; > ... > > But Firefox says (I translated it from my language..): > > A connection to the www.foo.com is interrupted > > and ssllabs ( https://www.ssllabs.com/ssltest/ ) says: > > Assessment failed: Failed to communicate with the secure server > > Question: How can we set GCM in nginx? Why couldn't a fresh Firefox connect > via HTTPS to foo.com (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2)? It can connect > to www.ssllabs.com via HTTPS (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2) so maybe > it's not a client side problem.. > > [user@localhost ~] openssl s_client -connect www.foo.com:443 > CONNECTED(00000003) > depth=0 C = HU, CN = www.foo.com > verify error:num=18:self signed certificate > verify return:1 > depth=0 C = HU, CN = www.foo.com > verify return:1 > --- > Certificate chain > 0 s:/C=HU/CN=www.foo.com > i:/C=HU/CN=www.foo.com > --- > Server certificate > -----BEGIN CERTIFICATE----- > .... here goes the cert.. > -----END CERTIFICATE----- > subject=/C=HU/CN=www.foo.com > issuer=/C=HU/CN=www.foo.com > --- > No client certificate CA names sent > --- > SSL handshake has read 2137 bytes and written 389 bytes > --- > New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384 > Server public key is 4096 bit > Secure Renegotiation IS supported > Compression: NONE > Expansion: NONE > SSL-Session: > Protocol : TLSv1.2
