about summary refs log tree commit diff
diff options
context:
space:
mode:
authorreverite <samantha@chalker.io>2018-04-04 14:23:18 -0700
committerreverite <samantha@chalker.io>2018-04-04 14:23:18 -0700
commit1d053d83aa9e11d039fddd8df1fc6441d2e27caa (patch)
tree20b60f91527216f2a3b1f716bf9b1bbe9b42154e
parenta92dcec83e3f20b61a1e37c183a3be175e4917e8 (diff)
Oh wait
-rw-r--r--deploy/conf/nginx.conf6
1 files changed, 4 insertions, 2 deletions
diff --git a/deploy/conf/nginx.conf b/deploy/conf/nginx.conf
index a3b408b..e005f86 100644
--- a/deploy/conf/nginx.conf
+++ b/deploy/conf/nginx.conf
@@ -33,13 +33,14 @@ server {
 
   ssl_protocols TLSv1.2 TLSv1.3;
   ssl_ciphers ECDHE+CHACHA20:AES256+EECDH:AES256+EDH:!aNULL;
-  ssl_ecdhparam x25519:secp521r1:secp384r1;
+  ssl_ecdh_curve X25519:secp521r1:secp384r1;
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:TLS:2m;
   ssl_session_timeout 10m;
   ssl_session_tickets off;
   ssl_stapling on;
   ssl_stapling_verify on;
+  ssl_dhparam /etc/ssl/dhparam.pem;
 
   keepalive_timeout 70;
   sendfile on;
@@ -70,13 +71,14 @@ server {
 
   ssl_protocols TLSv1.3 TLSv1.2;
   ssl_ciphers ECDHE+CHACHA20:AES256+EECDH:AES256+EDH:!aNULL;
-  ssl_ecdhparam x25519:secp521r1:secp384r1;
+  ssl_ecdh_curve X25519:secp521r1:secp384r1;
   ssl_prefer_server_ciphers on;
   ssl_session_cache shared:TLS:2m;
   ssl_session_timeout 10m;
   ssl_session_tickets off;
   ssl_stapling on;
   ssl_stapling_verify on;
+  ssl_dhparam /etc/ssl/dhparam.pem;
 
   keepalive_timeout 70;
   sendfile on;