Rietveld Code Review Tool
Help | Bug tracker | Discussion group | Source code

Unified Diff: modules/nginx/templates/nginx.conf.erb

Issue 6247625674194944: Issue 299 and issue 385 - Drop support for RC4 and support IE6/WinXP clients (Closed)
Patch Set: Created April 26, 2014, 10:10 p.m.
Use n/p to move between diff chunks; N/P to move between comments.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: modules/nginx/templates/nginx.conf.erb
===================================================================
--- a/modules/nginx/templates/nginx.conf.erb
+++ b/modules/nginx/templates/nginx.conf.erb
@@ -34,19 +34,19 @@ http {
<% if scope.lookupvar('nginx::params::gzip') == 'on' %>
gzip on;
gzip_disable "msie6";
gzip_min_length 100;
gzip_buffers 4 8k;
gzip_types text/plain text/xhtml text/css application/x-javascript text/xml application/atom+xml application/rss+xml;
<% end %>
- ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA256 EECDH+aRSA+RC4 EDH+aRSA EECDH RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS";
+ ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS !RC4 +3DES DES-CBC3-SHA";
Felix Dahlke 2014/04/26 22:19:47 After figuring out how this works, I think it'd be
Wladimir Palant 2014/04/27 20:35:34 You are right, I did that. I also decided to chang
ssl_prefer_server_ciphers on;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
<% if ssl_session_cache == 'on' %>
ssl_session_cache shared:SSL:1m;
<% else %>
ssl_session_cache off;
<% end %>
types_hash_max_size 2048;
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld