I have a few users that are having issues with my website now that I
disabled SSLv3. Turns out the only cipher that would/should work with
XP/IE8 is TLS1.0: “TLS_RSA_WITH_3DES_EDE_CBC_SHA” (there are two RC4’s
that also work, but I understand that is really not recommended).
Can anyone tell me how to add this to my ssl_ciphers? (I don’t fully
understand the shorthand in the list.)
I see that, based on a recommendation, I do have “!3DES” in the list.
If anyone has any other recommendations to support XP/IE8 with TLS1.0 in
the most secure manner, I appreciate all feedback!
Also, if I put this one last in the list, can I assume it will be the
least preferred by nginx?
Thank you again,
AJ