Skip to content

Commit 5001d23

Browse files
hhundhhund
committed
simplified nginx tls config
1 parent adc72c2 commit 5001d23

1 file changed

Lines changed: 1 addition & 3 deletions

File tree

dsf-docker-dev-setup-3dic-ttp/proxy/nginx.conf

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -28,9 +28,7 @@ http {
2828

2929
ssl_certificate /run/secrets/localhost.chain.crt;
3030
ssl_certificate_key /run/secrets/localhost.key.plain;
31-
ssl_protocols TLSv1.2 TLSv1.3;
32-
ssl_ciphers TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
33-
ssl_prefer_server_ciphers on;
31+
ssl_protocols TLSv1.3;
3432
add_header Strict-Transport-Security "max-age=63072000" always;
3533

3634
ssl_client_certificate /run/secrets/issuing_ca.crt;

0 commit comments

Comments
 (0)