After the Web site HTTPS encryption protocol is always TLS1.0 How to configure into TLS1.2?
To turn on TLSV1 on the server.2, typically requiring a openssl-based environment, using OpenSSL1.0+, recommended OpenSSL1.0.1+. Requires a Java-based environment, using JDK1.7+. View the version of OpenSSL: # OpenSSL version-Aopenssl1.0.1e-fips OneFeb -built on:wed APR1 -: -: -Utc -Platform:linux-X86_64options:bn ( -, -) MD2 (int) RC4 (16x,int) des (Idx,cisc, -,int) Idea (int) Blowfish (idx) COMPILER:GCC-fpic-dopenssl_pic-dzlib-dopenssl_threads-d_reentrant-ddso_dlfcn-dhave_dlfcn_h-dkrb5_mit-m64-dl_endian-dtermio -wall-o2-g-pipe-wall-wp,-d_fortify_source=2-fexceptions-fstack-protector--param=ssp-buffer-size=4-m64-mtune=generic-wa,--NOEXECSTACK-DPURIFY-DOPENSSL_IA32_SSE2-DOPENSSL_BN_ASM_MONT-DOPENSSL_BN_ASM_MONT5- Dopenssl_bn_asm_gf2m-dsha1_asm-dsha256_asm-dsha512_asm-dmd5_asm-daes_asm-dvpaes_asm-dbsaes_asm-dwhirlpool_asm-Dghash_asmopenssldir:"/etc/pki/tls"Engines:Dynamicto view the JDK version: # java-Versionjava version"1.7.0_80"Java (TM) SE Runtime Environment (build1.7.0_80-B15) Java HotSpot (TM) --bit Server VM (build24.80-B11, Mixed mode)
successfully upgraded TLS1.0 to TLS1.2 by modifying nginx parameters
server { listen; Listen 443; server_name xxx.xxx.com; SSL on; Ssl_certificate/etc/cert/213978673140913.pem; Ssl_certificate_key/etc/cert/213978673140913.key; Ssl_session_cache shared:ssl:1m; #ssl_ciphers high:!anull:! MD5; #ssl_protocols SSLv2 SSLv3 TLSv1; Ssl_protocols TLSv1.2 TLSv1.1; Ssl_ciphers all:! Adh:! Export56:rc4+rsa:+high:+medium:+low:+sslv2:+exp; Ssl_prefer_server_ciphers on; Location/{ proxy_pass http://xxxx_pools; }}
The encryption protocol is always TLS1.0 how to configure TLS1.2 after HTTPS is enabled on the Web?