Problem resolved.
Letsencrypt was in use and it overrode the nginx.conf allowed protocols in
file
/etc/letsencrypt/options-ssl-nginx.conf
Posted at Nginx Forum:
https://forum.nginx.org/read.php?2,282020,282030#msg-282030
___
nginx mailing list
nginx
> Am 17.11.2018 um 04:56 schrieb Jeremy Ardley :
>
>ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_protocols TLSv1.2;
You need to disable 1.0 and 1.1.
AFAIK.
If you look around, everybody (ebay, github, MSFT, Google etc.pp.) who disabled
1.0 also disabled 1.1.
I am setting up web servers for best practice TLS.
The issue is TLS 1.0 which is deprecated
I want to remove it from the available protocols and have done the usual
##
# SSL Settings
##
ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_pref
