| TLS_ECDH_anon_WITH_AES_256_CBC_SHA - broken | TLS_ECDH_anon_WITH_RC4_128_SHA - broken | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - weak | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - weak | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WI...
| TLS_ECDH_anon_WITH_AES_256_CBC_SHA - broken | TLS_ECDH_anon_WITH_RC4_128_SHA - broken | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - weak | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - weak | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WI...
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - weak | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - weak | TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong | TLS_RSA_WITH_AES_128_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA - strong | TLS_RSA_WITH_AES_256_CBC_SHA256 - strong | TLS_RSA_WITH_AES...
PORT STATE SERVICE VERSION443/tcp open http nginx| ssl-enum-ciphers:|SSLv3: No supported ciphers found| TLSv1.0:|ciphers:| TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA -strong| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA -strong| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA -strong| TLS_RSA_WITH_AES_128_C...
It looks to me like any client which tries to use TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 fails. This is your most preferred cipher but all the clients that succeed do not support it so skip past it and all those that fail do support it. ...
TLS-RSA-WITH-RC4-128-SHA TLS-RSA-WITH-3DES-EDE-CBC-SHA TLS-DHE-RSA-WITH-3DES-EDE-CBC-SHA TLS-RSA-WITH-AES-128-CBC-SHA TLS-DHE-RSA-WITH-AES-128-CBC-SHA TLS-RSA-WITH-AES-256-CBC-SHA TLS-DHE-RSA-WITH-AES-256-CBC-SHA TLS-RSA-WITH-AES-128-CBC-SHA256 ...
RSA_WITH_AES_128_CBC_SHA(0x0033)Cipher Suite:TLS_DHE_RSA_WITH_AES_256_CBC_SHA(0x0039)Cipher Suite:TLS_RSA_WITH_AES_128_CBC_SHA(0x002f)Cipher Suite:TLS_RSA_WITH_AES_256_CBC_SHA(0x0035)Cipher Suite:TLS_RSA_WITH_3DES_EDE_CBC_SHA(0x000a)Compression Methods Length:1CompressionMethods(...
Cipher Suite指定了服务端选定的加密组合,这里选出的加密组合是TLS_RSA_WITH_3DES_EDE_CBC_SHA Compress Method表明了使用的压缩算法这里为空 服务端返回了证书,证书使用x.509格式,供客户端验证其身份 客户端回应 客户利用服务器传过来的信息验证服务器的合法性,服务器的合法性包括:证书是否过期,发行服务器证书的CA...
ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-IDEA-CBC-MD5:KRB5-DES-CBC3-MD5:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:KRB5-RC4-SHA:KRB5-RC4-MD5...
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;ssl_ciphers TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:WEAK112TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:FS256TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA- ssl_prefer_server_ciphers on;location / { proxy_pass ht...