Hello, I filled a (now closed, because erroneous) enhancement ticket: http://trac.nginx.org/nginx/ticket/619
As it appears, the change I noticed in the SSl test did not result from my malformed ciphers list. Right about that. However, what is intriguing is the answer Maxim gave me on the second part of my proposal: the default activation of ssl_prefer_server_ciphers <http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_prefer_server_ciphers> . He saif that this option put to on made sense with a custome list but not with the default one. I confirm that the results of my tests changed. It was no because of the ciphers list, but it was due to that other change. Thus, the ciphers used by the emulated clients of the test changed following the activation of that option, allowing me to pass the 'Forward Secrecy' part of the test, resulting in an upgrade of my score from A- to A. I jsut checked it again, removing my buggy ciphers list and (de)activating de rprefer' option. If using that option with the default ciphers list was useless, what had that change an impact on the results of my test? --- *B. R.*
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
