diff options
Diffstat (limited to 'tozt/nginx/files/ssl')
-rw-r--r-- | tozt/nginx/files/ssl | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/tozt/nginx/files/ssl b/tozt/nginx/files/ssl new file mode 100644 index 0000000..6248ac8 --- /dev/null +++ b/tozt/nginx/files/ssl @@ -0,0 +1,12 @@ +ssl on; +ssl_certificate /media/persistent/certbot/live/tozt.net/fullchain.pem; +ssl_certificate_key /media/persistent/certbot/live/tozt.net/privkey.pem; +ssl_protocols TLSv1.1 TLSv1.2; +ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; +ssl_dhparam /etc/nginx/dhparam.pem; +ssl_prefer_server_ciphers on; +ssl_session_cache shared:SSL:10m; +ssl_stapling on; +ssl_stapling_verify on; + +# vim:ft=nginx |