SSL:修订间差异
跳到导航
跳到搜索
此页面具有访问限制。如果您看见此消息,则说明您没有权限访问此页面。
(→設定) |
(→設定) |
||
第5行: | 第5行: | ||
<pre>CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:!SHA1</pre> | <pre>CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:!SHA1</pre> | ||
如果要考慮到舊的瀏覽器,拿掉 SHA1 限制,並且指定( | 如果要考慮到舊的瀏覽器,拿掉 SHA1 限制,並且指定<code>@SECLEVEL=1</code> (配合[[nginx]]時使用): | ||
<pre>CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:@SECLEVEL=1</pre> | <pre>CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:@SECLEVEL=1</pre> | ||
2021年9月27日 (一) 23:51的版本
SSL(英语:Secure Sockets Layer),或TLS(英语:Transport Layer Security),是一个安全协定。
设定
目前的设定,只支援有FS(Forward secrecy)的协定(不断行):
CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:!SHA1
如果要考虑到旧的浏览器,拿掉 SHA1 限制,并且指定@SECLEVEL=1
(配合nginx时使用):
CHACHA20+ECDHE:AESGCM+ECDHE:AES+ECDHE:CAMELLIA+ECDHE:!ADH:!AECDH:!DSS:!ECDSA:!MD5:@SECLEVEL=1