listen 443 ssl spdy; Actually but sni is working fine sslabs reports the correct certs... just tells me SSLv3 is on in all when its only set for one of the domains... At first I had " ssl_protocols TLSv1 TLSv1.1 TLSv1.2;" at the http level and just set " ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; " in one of the servers/domain I removed that for http block and now have the different "ssl_protocols" directive in the corresponding configs and sslabs reports the one defined in the first.
If I change the order (sslv3 first) sslabs reports all servers/domains have sslv3 on but curl fails with "-sslv3" and the error is related to the cert name ... but I'm assuming that's just because sni is a TLS extension not SSL.. so it actually proves sslv3 is on when it shouldn't be!
_______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
