nginx 关闭低版本tls协议 禁用 tls 1.0 tls1.1
作者:互联网
关键配置
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers off;
改完记得重启nginx
测试工具(支持自定义端口的测试好难找)
https://geekflare.com/tools/tls-test
标签:tls,1.0,tls1.1,GCM,RSA,ssl,AES128,ECDHE,SHA256 来源: https://www.cnblogs.com/toumingbai/p/16651868.html