Hacker Newsnew | comments | show | ask | jobs | submitlogin

I'd love to see this article with the nginx equivalent configuration directives.

Nginx uses the ssl_ciphers directive to select ciphers.[0]

    ssl_ciphers ALL:!ADH:!EXP:!LOW:!RC2:!3DES:!SEED:RC4+RSA:+HIGH:+MEDIUM;
KeepAlive is enabled by default, but you can configure it for different durations or numbers of requests.[1]

I believe you can chain your certificates by concatenating the chain to your certificate file.[2]

    cat chain.crt >> mysite.com.crt
[0] http://wiki.nginx.org/HttpSslModule#ssl_ciphers

[1] http://wiki.nginx.org/HttpCoreModule#keepalive_disable

[2] http://wiki.nginx.org/HttpSslModule#Synopsis


EDIT: it is done, I added the nginx configuration to the article

Just wait a bit, I'm updating the post for that :)


I second this. I'm not seeing Apache used much in any of the places I'm working in these days.


Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact