AnsweredAssumed Answered

SSL Lab report not matching Nginx configuration

Question asked by Benjamin Crandall on Apr 4, 2016
Latest reply on May 5, 2016 by j-mailor

I've spent 4 days trying to get a decent score, nothing I change in my nginx config file seems to make a difference.


I'm getting an F grade with the following confusing results:

Insecure cipher suite warning.  This is the suite in my config: EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5:!RC4;

1024bit DH Weak warning.  I'm using a 4096bit DH param.

Test says I'm not using OCSP stapling but it's in my config.

Test says "RC4 Yes", but it is explicitly disabled in my ciphers above.

What am I missing?