Username:
TITLE
Nginx compile by Plesk and chipers
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
Plesk 18.0.39 Update #2, CentOS 7.9.2009
PROBLEM DESCRIPTION
In my configuration TLS 1.3 isn't implementable but with nginx complied by Plesk, I can secure my domains with the last version. I use Let'sEncrypt to secure domains and I have nginx as a proxy. Every domain is secure with TLS_AES_256_GCM_SHA384 but I would like to use TLS_AES_128_GCM_SHA256
I have followed this guide https://support.plesk.com/hc/en-us/...able-TLS-protocol-versions-in-Plesk-for-Linux but withou any success.
STEPS TO REPRODUCE
if I try to set up new chipers to use FIRST AES128 with this command :
I have this error
ACTUAL RESULT
I cannot change chipers and domain have a connection encrypted with TLS_AES_256_GCM_SHA384
EXPECTED RESULT
I can use TLS_AES_128_GCM_SHA256 with TLS 1.3
ANY ADDITIONAL INFORMATION
Question - Nginx compile by Plesk and chipers
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM
Help with sorting out
TITLE
Nginx compile by Plesk and chipers
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE
Plesk 18.0.39 Update #2, CentOS 7.9.2009
PROBLEM DESCRIPTION
In my configuration TLS 1.3 isn't implementable but with nginx complied by Plesk, I can secure my domains with the last version. I use Let'sEncrypt to secure domains and I have nginx as a proxy. Every domain is secure with TLS_AES_256_GCM_SHA384 but I would like to use TLS_AES_128_GCM_SHA256
I have followed this guide https://support.plesk.com/hc/en-us/...able-TLS-protocol-versions-in-Plesk-for-Linux but withou any success.
STEPS TO REPRODUCE
if I try to set up new chipers to use FIRST AES128 with this command :
Code:
plesk bin server_pref -u -ssl-ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305'
I have this error
Code:
AH00526: Syntax error on line 81 of /etc/httpd/conf.d/ssl.conf:
SSLCipherSuite takes one argument, Colon-delimited list of permitted SSL Ciphers ('XXX:...:XXX' - see manual)
ACTUAL RESULT
I cannot change chipers and domain have a connection encrypted with TLS_AES_256_GCM_SHA384
EXPECTED RESULT
I can use TLS_AES_128_GCM_SHA256 with TLS 1.3
ANY ADDITIONAL INFORMATION
Question - Nginx compile by Plesk and chipers
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM
Help with sorting out