Share IT knowledge

nico.li

2023年 6月
一	二	三	四	五	六	日
	1	2	3	4
5	6	7	8	9	10	11
12	13	14	15	16	17	18
19	20	21	22	23	24	25
26	27	28	29	30

linux · 2022年8月2日 0

[Solved]ubuntu 20.04下nginx不支持TLS1.0/TLS1.1

分析问题：

在Ubuntu 20.04 中, OpenSSL升级到了1.1.1f, TLS默认最低支持1.2。
虽然nginx中配置支持ssl_protocols TLSv1 TLSv1.1 TLSv1.2 ，但是当请求为TLSv1 TLSv1.1 时却不生效，因为默认openssl最低支持TLSv1.2

解决办法如下：
修改openssl配置文件，设置支持最低为TLSv1

vim /etc/ssl/openssl.cnf #添加以下配置文件

#以下配置在顶部添加
openssl_conf = default_conf              
#以下配置在底部添加
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1
CipherString = DEFAULT@SECLEVEL=1

重启服务器

reboot

测试

nmap  --script  ssl-enum-ciphers  -p 443  127.0.0.1

打赏赞(3)

发表回复取消回复

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

云服务器、云数据库、COS、CDN、短信等云产品特惠热卖中

近期文章

归档

日历

linux · 2022年8月2日 0

[Solved]ubuntu 20.04下nginx不支持TLS1.0/TLS1.1

您可能还喜欢...

发表回复取消回复

linux · 2022年8月2日 0

您可能还喜欢...

Nginx 设置浏览器缓存过期时间

Apt安装最新版本的Go语言环境

Ubuntu 和 Debian 中使用apt/apt-get单独升级某个软件包

发表回复 取消回复

发表回复取消回复