Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-09-28 21:37:31 +02:00
Code Issues Projects Releases Wiki Activity

Remove tls1.1 in notary

Browse Source 
Signed-off-by: DQ <dengq@vmware.com>
This commit is contained in:
DQ 2020-05-26 16:11:57 +08:00
parent c10c04c5f7
commit 715685ae51
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
make/photon/prepare/templates/nginx/notary.server.conf.jinja
View File

@ -6,7 +6,7 @@
ssl_certificate_key {{ssl_cert_key}};
# recommendations from https://raymii.org/s/tutorials/strong_ssl_security_on_nginx.html
ssl_protocols tlsv1.1 tlsv1.2;
ssl_protocols tlsv1.2;
ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:ssl:10m;