I am running Nextcloud 21 on Debian 10 with apache.
Build from scratch. My first time
Everytime is working fine, ssllabs gives me an A+.
My only problem (so far ) is that my android app keeps saying SSL initialization error. And because of that or as a separate issue the app hangs a lot. The asks me to wait to shutdown the app constantly.
Now i have found that this change to “ssl_ecdh_curve prime256v1;” instead of “ssl_ecdh_curve secp384r1 should be the solution.
But i am not sure how to do this.
When i look at /etc/letsencrypt/options-ssl-apache.conf (This is the correct file right? ) i see:
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:$
SSLHonorCipherOrder off
SSLSessionTickets off
Which i put there, so that is fine. But would do i need to change? I am not seeing ssl_ecdh_curve secp384r1. So i am not sure what to do now.