summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/roles/nginx/files/tls/ssl_ciphers_tls13')
-rw-r--r--ansible/roles/nginx/files/tls/ssl_ciphers_tls137
1 files changed, 7 insertions, 0 deletions
diff --git a/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13
new file mode 100644
index 0000000..db04c36
--- /dev/null
+++ b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13
@@ -0,0 +1,7 @@
1# From https://github.com/cloudflare/sslconfig/blob/796bc5ac7224f1e540394d792323ccafa86aaeea/conf
2
3# nginx >= 1.11.0 (2016-05-24) created the 'ssl_ecdh_curve' parameter
4
5ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
6ssl_ecdh_curve X25519:P-256:P-384:P-224:P-521;
7ssl_ciphers '[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES';
Powered by cgit v1.2.3 (git 2.41.0)