-
Incident report
-
Resolution: Won't fix
-
Minor
-
None
-
2.2.6
-
None
I'm using net.tcp.service[https] ( Zabbix agent active ) to check the https port on my Nginx server. I decided to tweak my ssl ciphers to strenghten the security, and changed it to:
ssl_prefer_server_ciphers on;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:!ADH:!AECDH:!MD5;
As soon as I restarted Nginx, Zabbix marked the item as being down.
I changed the ciphers to the somewhat more compatible:
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
and the item was marked as up again.
I've used https://bjornjohansen.no/optimizing-https-nginx as a guide to tweak Nginx.