Nginx Cipher Suites

Giles Orr

Toronto Public Library

S5 Slide Show

  • the print view will show you not only the contents of all slides, but also the speaker notes
  • some of the speaker notes are simply for me, speaking to the audience - but much of it is elaboration on points made in the slides

Securing Your Web Server

  • who here is directly or indirectly responsible for the running of a webserver?
  • Let's Encrypt being free means that there's no longer a financial reason not to encrypt your website ...
  • and when you add in Google's move to down-rank non-encrypted sites ... there are a lot of reasons to encrypt ASAP
  • whatever certificate authority you use, research them: make sure they're not deprecated or rejected by browsers


  • the POODLE attack invalidated SSL3 completely in 2014
  • you should support TLS 1.2, 1.1, and 1.0 in that order of preference
  • TLS 1.3 only became an official standard in April 2018, and isn't properly supported by OpenSSL on Linux yet, which means ... it's not supported in any practical way yet

Your Web Server Configuration

  • people are always trying to break cipher suites - both "white hats" (legitimate security researchers) and "black hats" (bad actors)
  • a good example is RC4: it was formative in cryptography and the web, but is now quite broken

The Line


  • as you can see - it is not your friend, and trying to understand it is a rabbit hole full of pain
  • the structure is incredibly basic: a colon-separated list of cipher suites you want your server to use, terminating in a semi-colon
  • every one of those acronyms should be researched

The Easy Way

  • I recommend doing your own cipher suite research, but using Mozilla's configuration generator is an option if you don't have the time right now
  • "Modern" supports only very recent browsers - it's definitely more secure, but could lock out some of your users
  • there are a number of sites to test your SSL/TLS configuration: I like Qualys best as it seems both most thorough and easiest to read of the ones I've seen
  • and keep in mind that a configuration that's up-to-date and drawing an "A" score should be tested every couple months as those ciphers keep being broken and a winning config now can be invalidated by a research paper next month
  • you MUST stay on top of it

Cipher Suite Breakdown


  • ECDHE - Elliptic-Curve Diffie-Hellman, Ephemeral keys
  • ECDSA - Elliptic Curve Digital Signature Algorithm
  • AES128 - Advanced Encryption Standard followed by a key size
  • GCM - Galois/Counter Mode
  • SHA256 - Secure Hash Algorithm, followed by a key size

Don't Use

  • again, which ones you block are a matter of research ...

Algorithms and Ciphers (Reference)

What You Need to Know

  • I needed a demo - I'm sorry it had to be code4lib ... but as of 2018-05-09 they're scoring an "F"
  • Yes, I did try to notify them a couple weeks ago
  • I found this because I set Firefox to not accept SSLv2 or SSLv3
  • Firefox - about:config - security.tls.version.min - set to "2" (sets the minimum SSL to TLS 1.1)
  • A more complete explanation:*#Possible_values_and_their_effects
  • Note that when you visit a site that only supports SSLv2 or v3, Firefox assumes you're wrong and asks if you want to reset to sane values: your call, but I'm sticking with my paranoia

Backup Screen Shot gets an F on the Qualys test