packetcat/ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update webserver1 nginx config to use TLSv1.3

Browse Source
This commit is contained in:
Sadiq Saif 2019-07-03 21:04:35 -04:00 committed by GitHub
parent c76ff142ab
commit b21cf6176c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ubuntu/webserver1.asininetech.com.yml
View File

@ -238,7 +238,7 @@
upstream: upstream:
- upstream php { server unix:/run/php/php7.2-fpm.sock; } - upstream php { server unix:/run/php/php7.2-fpm.sock; }
ssl: ssl:
- ssl_protocols TLSv1.2 - ssl_protocols TLSv1.2 TLSv1.3
- ssl_prefer_server_ciphers on - ssl_prefer_server_ciphers on
- ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256' - ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256'
- ssl_dhparam "/etc/nginx/dhparams.pem" - ssl_dhparam "/etc/nginx/dhparams.pem"