如果nginx ssl 存在以下几种漏洞
CVE-2015-2808
SSL弱加密算法
CVE-2016-2183
CVE-2016-2183
请修改nginx.conf 增加以下配置,亲测有效!!!
server {
listen 443 ssl;
# ssl on;
server_name localhost;
ssl_certificate ssl/server.crt;
ssl_certificate_key ssl/server.key;
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;
# 下面这个是重要代码
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!3DES:!ADH:!RC4:!DH:!DHE;
}
var code = “3b8838a4-aa00-489a-a56c-3b92d6f5964c”