infra/ansible-role-nginx
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

enable TLSv1.3

Browse source
This commit is contained in:
nd 2021-01-24 13:02:17 +01:00
parent c9bd5720e3
commit 72bd7c7a7d
No known key found for this signature in database
GPG key ID: 21B5CD4DEE3670E9
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
files/config/conf.d/ssl.conf
View file

@ -3,7 +3,7 @@ ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1.2;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;