missing semicolon, disable early SSL by default
This commit is contained in:
parent
1900dfa42d
commit
dbb741676d
@ -15,9 +15,10 @@ ssl_session_tickets off;
|
|||||||
|
|
||||||
# SSL ciphers
|
# SSL ciphers
|
||||||
ssl_protocols TLSv1.2 TLSv1.3;
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
|
ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:TLS-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
ssl_early_data on;
|
# if your NGINX build supports this and is using TLSv1.3, then enable
|
||||||
|
#ssl_early_data on;
|
||||||
|
|
||||||
# Diffie-Hellman parameter for DHE cipher suites, using 4096 bits
|
# Diffie-Hellman parameter for DHE cipher suites, using 4096 bits
|
||||||
ssl_dhparam <path/to/your_dhparam.pem>;
|
ssl_dhparam <path/to/your_dhparam.pem>;
|
||||||
|
Loading…
Reference in New Issue
Block a user