RE: ssl_prefer_server_ciphers vs. Android

Hi Matthias, > While ssl_prefer_server_ciphers usually works I've noticed some strange > behaviour with Android. Firefox Sync uses with this settings "TLSv1 > RC4-SHA". When I remove all RC4 ciphers from that list, it chooses "TLSv1 > DHE-RSA-AES128-SHA". I'm wondering why it chooses RC4-SHA inst

ssl_prefer_server_ciphers vs. Android

Hi, I've configured ssl with the following options: ssl_dhparam /etc/nginx/pem/dhparam2048.pem; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:D