diff options
author | reverite <samantha@chalker.io> | 2018-04-04 14:23:18 -0700 |
---|---|---|
committer | reverite <samantha@chalker.io> | 2018-04-04 14:23:18 -0700 |
commit | 1d053d83aa9e11d039fddd8df1fc6441d2e27caa (patch) | |
tree | 20b60f91527216f2a3b1f716bf9b1bbe9b42154e | |
parent | a92dcec83e3f20b61a1e37c183a3be175e4917e8 (diff) |
Oh wait
-rw-r--r-- | deploy/conf/nginx.conf | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/deploy/conf/nginx.conf b/deploy/conf/nginx.conf index a3b408b..e005f86 100644 --- a/deploy/conf/nginx.conf +++ b/deploy/conf/nginx.conf @@ -33,13 +33,14 @@ server { ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE+CHACHA20:AES256+EECDH:AES256+EDH:!aNULL; - ssl_ecdhparam x25519:secp521r1:secp384r1; + ssl_ecdh_curve X25519:secp521r1:secp384r1; ssl_prefer_server_ciphers on; ssl_session_cache shared:TLS:2m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; + ssl_dhparam /etc/ssl/dhparam.pem; keepalive_timeout 70; sendfile on; @@ -70,13 +71,14 @@ server { ssl_protocols TLSv1.3 TLSv1.2; ssl_ciphers ECDHE+CHACHA20:AES256+EECDH:AES256+EDH:!aNULL; - ssl_ecdhparam x25519:secp521r1:secp384r1; + ssl_ecdh_curve X25519:secp521r1:secp384r1; ssl_prefer_server_ciphers on; ssl_session_cache shared:TLS:2m; ssl_session_timeout 10m; ssl_session_tickets off; ssl_stapling on; ssl_stapling_verify on; + ssl_dhparam /etc/ssl/dhparam.pem; keepalive_timeout 70; sendfile on; |