mirror of
https://github.com/goharbor/harbor.git
synced 2024-12-23 00:57:44 +01:00
nginx: Remove TLSv1.1 support
Signed-off-by: Jakub Onderka <jakub.onderka@gmail.com>
This commit is contained in:
parent
f3ba25f656
commit
8f83310022
@ -39,7 +39,7 @@ http {
|
||||
ssl_certificate_key {{ssl_cert_key}};
|
||||
|
||||
# Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
|
||||
ssl_protocols TLSv1.1 TLSv1.2;
|
||||
ssl_protocols TLSv1.2;
|
||||
ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
Loading…
Reference in New Issue
Block a user