mirror of
https://github.com/krislamo/vagrant-easyredmine
synced 2024-12-16 07:20:36 +00:00
set nginx ssl_ciphers and ss_protocols
This commit is contained in:
parent
ecf3e6ae77
commit
44b56fca18
@ -15,9 +15,14 @@ server {
|
||||
{% else %}
|
||||
server_name {{ ansible_fqdn }};
|
||||
{% endif %}
|
||||
|
||||
ssl on;
|
||||
ssl_certificate /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
|
||||
ssl_certificate_key /etc/pki/tls/certs/{{ ansible_fqdn }}.pem;
|
||||
ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:!DSS:!DH+3DES;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_prefer_server_ciphers on;
|
||||
|
||||
root {{ redmine_root_dir }}/public;
|
||||
passenger_enabled on;
|
||||
client_max_body_size 50M;
|
||||
|
Loading…
Reference in New Issue
Block a user