mirror of
				https://github.com/spantaleev/matrix-docker-ansible-deploy.git
				synced 2025-10-24 17:13:23 +00:00 
			
		
		
		
	Disable TLS 1.0 and enable TLS 1.3
This commit is contained in:
		| @@ -35,7 +35,7 @@ server { | |||||||
|  |  | ||||||
| 	ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ hostname_riot }}/fullchain.pem; | 	ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ hostname_riot }}/fullchain.pem; | ||||||
| 	ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ hostname_riot }}/privkey.pem; | 	ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ hostname_riot }}/privkey.pem; | ||||||
| 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | 	ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; | ||||||
| 	ssl_prefer_server_ciphers on; | 	ssl_prefer_server_ciphers on; | ||||||
| 	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | 	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | ||||||
|  |  | ||||||
|   | |||||||
| @@ -35,7 +35,7 @@ server { | |||||||
|  |  | ||||||
| 	ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ hostname_matrix }}/fullchain.pem; | 	ssl_certificate {{ matrix_ssl_config_dir_path }}/live/{{ hostname_matrix }}/fullchain.pem; | ||||||
| 	ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ hostname_matrix }}/privkey.pem; | 	ssl_certificate_key {{ matrix_ssl_config_dir_path }}/live/{{ hostname_matrix }}/privkey.pem; | ||||||
| 	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | 	ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; | ||||||
| 	ssl_prefer_server_ciphers on; | 	ssl_prefer_server_ciphers on; | ||||||
| 	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | 	ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user