engineering
/
configurations
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

disable TLSv1.2 support

master
Matthew 2024-12-06 20:12:23 -05:00
parent 4ce3d46c35
commit 24d77d592a
Signed by: matthew
SSH Key Fingerprint: SHA256:piIXekA9q1p0ZGi4ogFbNY1embip5Ytbi3v8AZ8UYq4
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
Nginx/nginx.conf
View File

@ -36,12 +36,12 @@ http {
# SSL Settings # SSL Settings
## ##
ssl_protocols TLSv1.2 TLSv1.3; ssl_protocols TLSv1.3;
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers off;
ssl_stapling on; ssl_stapling on;
#ssl_stapling_verify on; #ssl_stapling_verify on;
ssl_session_cache shared:SSL:10m; ssl_session_cache shared:SSL:10m;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; #ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_dhparam /etc/nginx/dhparam.pem; ssl_dhparam /etc/nginx/dhparam.pem;
ssl_ecdh_curve X25519:prime256v1:secp384r1; ssl_ecdh_curve X25519:prime256v1:secp384r1;