SSL POODLE Attack 问题大家现在如何配置的呢?
- 0次
- 2021-05-17 08:41:02
- idczone
GoDaddy 的 SSL 证书,Nginx Web Server, 我配置了 SPDY,指定使用 TLS 1, 1.1, 1.2,现在浏览器访问站点时,时不时会出现 ssl error inappropriate fallback alert 错误,然后刷新一下又可以了。
有没有哪位也遇到?现在大家的 SPDY 是配置是如何的呢?
我的配置是:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 10m;
ssl_trusted_certific国外服务器ate /etc/nginx/ssl/godaddy-ca-chain.crt;
keepalive_timeout 70;
# Tell the browser we do SPDY
add_header Alternate-Protocol 443:npn-spdy/2;
#compress header when spdy
spdy_headers_comp 1;
resolver 8.8.8.8 8.8.4.4;