Nginx and openSSL conf to use newest TLS protocols


For a few weeks now, my webserver, Nginx, has had a problem with TLS protocol versions 1.1 & 1.2:

  • When a user tries to connect to my website, the web browser and Nginx choose only TLS 1.0 for the connection.

  • In the Nginx virtual host conf file, I specified TLS 1.0, 1.1 and 1.2:

ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers               AES256-SHA256:AES256-SHA;
ssl_prefer_server_ciphers on;
  • Package versions (newest for both):

nginx version: nginx/1.4.2
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_stub_status_module --with-mail --with-mail_ssl_module --with-file-aio --with-cc-opt='-g -O2 -Wp,-D_FORTIFY_SOURCE=2' --with-ld-opt= --with-ipv6

OpenSSL 1.0.1e 11 Feb 2013

  • Linux distribution: Debian 7.1 x64

  • Qualys SSL Labs result:

TLS 1.2 No
TLS 1.1 No
TLS 1.0 Yes
SSL 3 No
SSL 2 No

  • I tried to reboot and to update: nothing. I checked the nginx conf file for each virtual host: all have the same parameters for ssl_protocols.

What is my mistake?

Thanks

haflinger

Best Answer

Without messing up the installed openssl version that comes with your system, you can try to build nginx with a custom openssl version. Specify the following option when building your nginx package. I do this with my custom rpm and the latest openssl version.

--with-openssl=/home/mschirrmeister/openssl-1.0.1f

Once built like this, install only the nginx package on your server and try the ssllabs test again. It should now show support for more versions.
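An added example, not part of the question or the answer above: a small POSIX shell script that performs the per-protocol check locally with the openssl s_client CLI, so that the effect of a rebuild can be verified from the command line before re-running the SSL Labs test. It goes slightly beyond the page by also probing TLS 1.3 (which did not exist when this was asked); the host and port are assumptions passed as arguments.

```shell
#!/bin/sh
# Added example (not from the original question or answer): probe which TLS
# versions a server actually negotiates, using the openssl s_client CLI.
# Each probe forces a single protocol version; the server either completes
# the handshake (a real cipher name is printed) or refuses it, in which case
# s_client prints "Cipher is (NONE)".

# tls_version_ok HOST PORT VERSION
#   VERSION is an s_client option name: ssl3 tls1 tls1_1 tls1_2 tls1_3
#   Returns 0 when the server accepts exactly that version, 1 otherwise
#   (including when the local openssl build does not know the option).
tls_version_ok() {
    host=$1; port=$2; ver=$3
    out=$(openssl s_client -connect "$host:$port" "-$ver" </dev/null 2>&1) || true
    case $out in
        *"Cipher is (NONE)"*|*"unknown option"*|*"Unknown option"*) return 1 ;;
        *"Cipher is "*) return 0 ;;
        *) return 1 ;;
    esac
}

# probe_tls HOST PORT
#   Prints one line per version in the same shape as the SSL Labs summary
#   quoted in the question (e.g. "TLS 1.2 Yes").
probe_tls() {
    host=$1; port=$2
    for pair in "ssl3:SSL 3" "tls1:TLS 1.0" "tls1_1:TLS 1.1" \
                "tls1_2:TLS 1.2" "tls1_3:TLS 1.3"; do
        ver=${pair%%:*}; label=${pair#*:}
        if tls_version_ok "$host" "$port" "$ver"; then
            echo "$label Yes"
        else
            echo "$label No"
        fi
    done
}

# Usage: sh probe_tls.sh example.org 443   (host and port are placeholders)
if [ $# -eq 2 ]; then
    probe_tls "$1" "$2"
fi
```

A "No" for TLS 1.1/1.2 from this script against a freshly rebuilt nginx points at the OpenSSL the binary was linked with, since the client side here forces the version.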