Home Explore Help
Sign In
master
/
auto4certbot
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

update example ssl nginx 09.07.25:20.53

Vixfree 4 days ago
parent
497cf3ff13
commit
bf7a9431ec
2 changed files with 11 additions and 1 deletions
Split View Show Diff Stats
  1. 3 1
      docs/nginx_examples/nginx.conf
  2. 8 0
      docs/nginx_examples/nginx_ssl.conf

+ 3 - 1
docs/nginx_examples/nginx.conf
View File 

@@ -1,5 +1,5 @@
1 1 
 user  www-data;
2 
-worker_processes  1;
2 
+worker_processes auto;
3 3
4 4 
 error_log  /var/log/nginx/error.log warn;
5 5 
 pid        /var/run/nginx.pid;
 
@@ -33,6 +33,8 @@ http {
33 33
34 34 
     include /etc/nginx/conf.d/*.conf;
35 35 
     include /etc/nginx/sites-enabled/*;
36 
+#### SSL
37 
+    include /etc/nginx/nginx_ssl.conf;
36 38 
 ####
37 39 
     tcp_nodelay on;
38 40 
     types_hash_max_size 2048;

+ 8 - 0
docs/nginx_examples/nginx_ssl.conf
View File 

@@ -0,0 +1,8 @@
1 
+ssl_stapling_verify on;
2 
+ssl_session_timeout 1d;
3 
+ssl_session_cache shared:SSL:50m;
4 
+ssl_session_tickets off;
5 
+
6 
+ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
7 
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
8 
+ssl_prefer_server_ciphers off;