Fix: now nginx will allow older browsers to negotiate deprecated ciphers

DistriNet · Jul 3, 2024 · 3b6f506 · 3b6f506
1 parent b2b63ef
commit 3b6f506
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/nginx/config/experiments.conf b/nginx/config/experiments.conf
@@ -22,6 +22,9 @@ server {
     listen 443 ssl;
     server_name a.test sub.a.test sub.sub.a.test b.test sub.b.test leak.test adition.com;
 
+    # Our server requires to be accessible by older browsers, so even deprecated protocols and ciphers are allowed.
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
+    ssl_ciphers DEFAULT:@SECLEVEL=0;
     ssl_certificate /etc/nginx/ssl/certs/bughog.crt;
     ssl_certificate_key /etc/nginx/ssl/keys/bughog.key;