Can't Disable TLSv1 in Nginx using Jelastic

Question

Actually I use this configuration:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
    ssl_prefer_server_ciphers   on;
    ssl_session_cache shared:SSL:10m;

But if I change for:

ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
    ssl_prefer_server_ciphers   on;
    ssl_session_cache shared:SSL:10m;

The server will be down.

Somebody know the reason?

[sf] might be a better place to ask this. – 001 Sep 26 '16 at 16:27 — 001, Sep 26 '16 at 16:27

score 0 · Answer 1 · answered Sep 28 '16 at 11:41

@luiz-biazus, we have checked the mentioned issue and haven't found any problems on Jelastic side. Based on the data that you provide we believe that you use the Jelastic wildcard SSL instead of Custom SSL Certificate and trying to configure SSL in the your local nginx configuration. In this case you face the issue that your nginx tries to start with SSL support, but it not configured appropriately as it described in the documentation. Please, make sure that you have enabled the Public IP

and load your SSL certificates via the Dashboard:

Click Settings for the configured environment.

In the opened tab, choose the Custom SSL option within the left-hand list. Upload Server key, Intermediate certificate (CA) and Domain certificate into the appropriate fields. Click Save.

Can't Disable TLSv1 in Nginx using Jelastic

1 Answers1