Last Updated: April 23, 2019 · bear

nginx ssl config with forward secrecy enabled

Two things matter for any HTTPd configuration: mitigation of BEAST and Forward Secrecy. Perfect Forward Secrecy is hard since IE9 does not support any of the DHE or ECDHE cipher suites.
For details on what all that means, see the SSL Labs article on deploying forward secrecy. The config below scores very well with the SSL Labs test suite.

# hide the nginx version in the Server header and error pages
server_tokens off;
# protocol versions the server will negotiate
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
# pick the suite by the server's order below, not the client's preference
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
# ECDHE suites first so clients that support them get forward secrecy; RC4 suites mitigate BEAST for older clients
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:RC4-SHA;
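As an added check that is not part of the original tip, the small Python lint below reads the ssl_* directives from an nginx server block and reports which forward-secrecy properties hold: legacy protocol versions, whether the server's cipher order wins, which suites lack an ECDHE/DHE key exchange, and any RC4 suites. Both sample configs are constructed here (a trimmed copy of the config above and a variant with SSLv3 and the non-ECDHE suites removed); OpenSSL keyword lists such as HIGH are reported but not expanded.

```python
import re

# Constructed sample: the ssl_* lines from the tip above, shortened (not a live server).
TIP_CONFIG = """
server_tokens off;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDH-RSA-RC4-SHA:RC4-SHA;
"""

# Constructed variant with SSLv3 and the suites lacking forward secrecy removed.
HARDENED_CONFIG = """
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256;
"""

DIRECTIVE_RE = re.compile(r"^\s*(ssl_\w+)\s+(.*?);", re.M)


def parse_ssl_directives(text):
    """Map each ssl_* directive name to its (unquoted) value string."""
    return {name: value.strip().strip("\"'") for name, value in DIRECTIVE_RE.findall(text)}


def lint_forward_secrecy(text):
    """Return a list of findings; an empty list means every check passed."""
    d = parse_ssl_directives(text)
    findings = []
    legacy = [p for p in d.get("ssl_protocols", "").split() if p in ("SSLv2", "SSLv3")]
    if legacy:
        findings.append("legacy protocols offered: " + " ".join(legacy))
    if d.get("ssl_prefer_server_ciphers") != "on":
        findings.append("ssl_prefer_server_ciphers is not on; the client picks the suite")
    # Only positive entries matter; '!' entries exclude suites.
    entries = [s for s in d.get("ssl_ciphers", "").split(":") if s and not s.startswith("!")]
    keywords = [s for s in entries if "-" not in s]  # HIGH, ALL, ...: need openssl to expand
    suites = [s for s in entries if "-" in s]        # concrete OpenSSL suite names
    if keywords:
        findings.append("unexpanded keywords (check with openssl ciphers -v): " + " ".join(keywords))
    if not any(s.startswith(("ECDHE-", "DHE-")) for s in suites):
        findings.append("no ECDHE/DHE suites: no forward secrecy possible")
    static_kx = [s for s in suites if not s.startswith(("ECDHE-", "DHE-"))]
    if static_kx:
        findings.append("suites without forward secrecy: " + " ".join(static_kx))
    rc4 = [s for s in suites if "RC4" in s]
    if rc4:
        findings.append("RC4 suites: " + " ".join(rc4))
    return findings


if __name__ == "__main__":
    for label, cfg in (("tip", TIP_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, lint_forward_secrecy(cfg) or ["ok"])
```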

5 Responses

I would add to your documentation how to use openssl to append the DH randomness to your key chain:

openssl dhparam -rand - 1024 >> mychain.pem

over 1 year ago

For the benefit of future readers: using the explicit list of ciphers from the referenced SSL Labs article only got my site an overall "C" rating in SSL Labs' own tests, whereas the following much simpler alternative gets an "A":

ssl_ciphers "HIGH:!aNULL:!MD5";
# or
ssl_ciphers "HIGH:!aNULL:!MD5:!3DES";

over 1 year ago

Re. @rtaprh's comment, with the current stable nginx versions it's no longer necessary to do the dhparam trick, and in fact it's downright discouraged.

over 1 year ago

Maybe the best source of information about that problem is: https://community.qualys.com/blogs/securitylabs/2013/08/05/configuring-apache-nginx-and-openssl-for-forward-secrecy

And we can check our server configurations with their tool: https://www.ssllabs.com/ssltest/index.html

;)

over 1 year ago

Thanks for this article. Not sure how up to date it is, but you could consider taking SSLv3 out.

over 1 year ago