By default nginx uses “ ssl_protocols tlsv1.2 tlsv1.3 ” and “ ssl_ciphers high:!anull:!md5 ”, so configuring them explicitly is generally not needed. The ngx_stream_ssl_module module (1.9.0) provides the necessary support for a stream proxy server to work with the ssl/tls protocol If tlsv1.3 works as a cipher list for you somewhere, this means that the error returned by ssl_ctx_set_cipher_list () is simply ignored I even tried adding ssl_ciphers, proxy_ciphers settings etc But nothing works (i am new to this) Later i removed these trial and errors from my config assuming that i am doing too much.
Did you enable the orange cloud on cloudflare If so, this is not an nginx problem, but rather an issue with your certificate on the cloudflare cdn You may want to check if the cloudflare edge certificate is correctly issued Whenever the cloudflare certificate is not successfully issued, cloudflare will return err_ssl_version_or_cipher_mismatch Sets arbitrary openssl configuration commands when establishing a connection with the grpc ssl server The directive is supported when using openssl 1.0.2 or higher.
