Hey, were you able to get an A?when i get home i will go over your guide and follow all of the steps without making changes other than my own domain.
see if this helps
Hey!Hey, were you able to get an A?
Hey!
well i've tried the following so far,
using different apps on background.
using no apps (meanin itworks nginx)
using different recommended settings from cipherli.st for ssl_common.conf
using different nginx.conf settings and setups
tried using nginx.conf stated above
pkg update and upgrade comes back with everything up to date already
using template 9.10 latest
other than breaking my proxies (eventually) it did nothing :D
Did you install nginx from ports or the package version? The CVE-2016-2107 vulnerability affects the package version because it's built against the base version of openssl in FreeBSD 10.3. To mitigate this you need to install the ports version as well as the ports version of openssl withHi there,
So i've build a proxy using this guide, however ssl labs is giving me an F rating
Main cause:
Openssl padding OpenSSL Padding Oracle vuln. (CVE-2016-2107)
Any way to fix this?
DEFAULT_VERSIONS+=ssl=openssl
option added to your /etc/make.conf file.Did you install nginx from ports or the package version? The CVE-2016-2107 vulnerability affects the package version because it's built against the base version of openssl in FreeBSD 10.3. To mitigate this you need to install the ports version as well as the ports version of openssl withDEFAULT_VERSIONS+=ssl=openssl
option added to your /etc/make.conf file.
pkg update && pkg upgrade
pkg install nginx nano git and so on
pkg info nginx
How would i go about installing nginx via ports?
cd /usr/ports/www/nginx/ && make install clean
cd /usr/ports/www/nginx/ && make install clean
I would strongly suggest you read the manual before you proceed any further.
portsnap fetch portsnap[ extract portsnap update cd /usr/ports/www/nginx/ && make install clean
portsnap fetch portsnap[ extract portsnap update cd /usr/ports/www/nginx/ && pkg install clean nginx
With 'pkg' there's no need to 'portsnap' or 'cd'. You can 'pkg install nginx' (no need to "clean") from anywhere.Or seeing pkg was used
Code:portsnap fetch portsnap[ extract portsnap update cd /usr/ports/www/nginx/ && pkg install clean nginx
am i right?
i am told to try and install nginx via portsWith 'pkg' there's no need to 'portsnap' or 'cd'. You can 'pkg install nginx' (no need to "clean") from anywhere.
cd /usr/ports/www/nginx/ && make install clean
I would strongly suggest you read the manual before you proceed any further.
cd /usr/ports/www/nginx/ && make install clean
I would strongly suggest you read the manual before you proceed any further.
portsnap fetch portsnap extract cd /usr/ports/www/nginx/ && make install clean
Check the log. That's the only way you are going to be able to definitively know if everything is working.Thanks for the Guide and to all the contributors,
I have tried a number of ways to obtain certs from letsencrypt and I never propagate a folder at /etc/letsencrypt/live.
I assume /etc/letsencrypt/live is the path to the location of the .pem files needed by nginx.
Can someone with a successful configuration please share where their key files are located.
Thanks
/var/log/letsencrypt