Commit 15e001a3 authored by ale's avatar ale

Update TLS params for nginx (to tls1.3)

parent 3807d732
Pipeline #8879 passed with stage
in 2 minutes and 35 seconds
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_dhparam /etc/nginx/dhparam;
ssl_ecdh_curve secp384r1;
# Allow longer keepalive timeouts for SSL connections.
# TODO: can't be here, must be in all server {} sections.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment