ssl_reject_handshake on 的作用: 当ssl_reject_handshake 设置为 on 时,Nginx 服务器会在检测到 SSL/TLS 握手请求不符合其配置要求(如客户端使用的协议版本、加密算法等不被服务器支持)时,立即拒绝该握手请求,并关闭连接。这有助于增强服务器的安全性,因为它可以防止服务器尝试与配置不兼容或不安全的客户端建...
Nginx 1.19.4 introduced a new feature called "ssl_reject_handshake" which can be used to block unwanted SSL handshakes. I noticed that, when enabled, it effectively turns off TLSv1.3. I opened the following ticket: https://trac.nginx.org...
#默认主机拒绝SSL握手 server { listen 443 ssl default_server; ssl_reject_handshake on; } 经过实验,把这个默认主机添加一个测试用的国际证书+空主机名也会出现无法使用国密。 Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment...