diff options
Diffstat (limited to 'ansible/roles/nginx/files/tls/ssl_ciphers_tls13')
-rw-r--r-- | ansible/roles/nginx/files/tls/ssl_ciphers_tls13 | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 new file mode 100644 index 0000000..db04c36 --- /dev/null +++ b/ansible/roles/nginx/files/tls/ssl_ciphers_tls13 | |||
@@ -0,0 +1,7 @@ | |||
1 | # From https://github.com/cloudflare/sslconfig/blob/796bc5ac7224f1e540394d792323ccafa86aaeea/conf | ||
2 | |||
3 | # nginx >= 1.11.0 (2016-05-24) created the 'ssl_ecdh_curve' parameter | ||
4 | |||
5 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; | ||
6 | ssl_ecdh_curve X25519:P-256:P-384:P-224:P-521; | ||
7 | ssl_ciphers '[ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305|ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]:ECDHE+AES128:RSA+AES128:ECDHE+AES256:RSA+AES256:ECDHE+3DES:RSA+3DES'; | ||