编辑“Nginx SSL 配置”
跳到导航
跳到搜索
该编辑可以被撤销。请检查下面的对比以核实您想要撤销的内容,然后保存下面的更改以完成撤销。
最后版本 | 您的文字 | ||
第1行: | 第1行: | ||
<code>/etc/nginx/conf.d/ssl_security.conf</code><syntaxhighlight lang="nginx"> | <code>/etc/nginx/conf.d/ssl_security.conf</code><syntaxhighlight lang="nginx"> | ||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | ||
− | ssl_ciphers | + | ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:RSA+AESGCM:RSA+AES:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!ADH:!AECDH; |
ssl_prefer_server_ciphers on; | ssl_prefer_server_ciphers on; | ||
ssl_dhparam /etc/nginx/ssl/dhparams.pem; # Run `openssl dhparam -out /etc/nginx/ssl/dhparams.pem 2048` beforehead | ssl_dhparam /etc/nginx/ssl/dhparams.pem; # Run `openssl dhparam -out /etc/nginx/ssl/dhparams.pem 2048` beforehead |