diff options
author | clarkzjw <[email protected]> | 2023-02-08 00:40:09 -0800 |
---|---|---|
committer | clarkzjw <[email protected]> | 2023-02-08 00:40:09 -0800 |
commit | 1204730924436ef9e1c7c49c9557837f9a5ed0e8 (patch) | |
tree | 129d79dfd11245751cee6d4082ff5d2f6e941610 /ansible/roles/nginx/files/tls/ssl_ciphers_tls13 | |
parent | 9635ac4dedf69de5bff65785bcc16bef80b52d75 (diff) | |
download | mail-1204730924436ef9e1c7c49c9557837f9a5ed0e8.tar.gz |
Diffstat (limited to 'ansible/roles/nginx/files/tls/ssl_ciphers_tls13')
-rw-r--r-- | ansible/roles/nginx/files/tls/ssl_ciphers_tls13 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 new file mode 100644 index 0000000..db04c36 --- /dev/null +++ b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 | |||
@@ -0,0 +1,7 @@ | |||
1 | # From https://github.com/cloudflare/sslconfig/blob/796bc5ac7224f1e540394d792323ccafa86aaeea/conf | ||
2 | |||
3 | # nginx >= 1.11.0 (2016-05-24) created the 'ssl_ecdh_curve' parameter | ||
4 | |||
5 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | ||
6 | ssl_ecdh_curve X25519:P-256:P-384:P-224:P-521; | ||
7 | ssl_ciphers '[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES'; | ||