Commit f75e36e2 authored by ale's avatar ale

Merge branch 'tls13' into 'master'

Update TLS params for nginx (to tls1.3)

See merge request !155
parents 3807d732 15e001a3
Pipeline #9709 passed with stages
in 10 minutes and 15 seconds
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers EECDH+AESGCM:EDH+AESGCM;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 5m;
ssl_dhparam /etc/nginx/dhparam;
ssl_ecdh_curve secp384r1;
# Allow longer keepalive timeouts for SSL connections.
# TODO: can't be here, must be in all server {} sections.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment