6543
/
nginx_config
2
2
Fork 1
Code Issues 3 Pull Requests Projects Releases Wiki Activity

Update ssl_options; new ciphers etc (#2) 

Update ciphers, update cache to only use TLS

Closes #1

Co-authored-by: dbraeuer@bounty <d.braeuer@heinlein-support.de>
Reviewed-on: #2
Co-authored-by: ahab <obermui@schoeneberge.eu>
Co-committed-by: ahab <obermui@schoeneberge.eu>
This commit is contained in:
ahab 2021-07-20 07:05:11 +00:00 committed by 6543
parent 55ef0e082a
commit 2c52a3e11a
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
snippets/ssl_options.conf
View File

@ -1,9 +1,9 @@
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_cache shared:TLS:1m;
ssl_session_tickets off;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EECDH+AES256 !aNULL:!MD5';
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;