diff options
author | Christian Pointner <equinox@spreadspace.org> | 2020-08-28 00:36:05 +0200 |
---|---|---|
committer | Christian Pointner <equinox@spreadspace.org> | 2020-08-28 00:36:05 +0200 |
commit | 423b33805d51781c63780d797f0b67261da4a7b8 (patch) | |
tree | a20d12874ad1427d3f25569a210f6bccf1a01d7c /roles/nginx/base/files/snippets/tls.conf | |
parent | finalize ch-imap-proxy (diff) |
ssl cipher list prefer chacha20 for tls1.2
Diffstat (limited to 'roles/nginx/base/files/snippets/tls.conf')
-rw-r--r-- | roles/nginx/base/files/snippets/tls.conf | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/nginx/base/files/snippets/tls.conf b/roles/nginx/base/files/snippets/tls.conf index 46d43ecb..9c4f7853 100644 --- a/roles/nginx/base/files/snippets/tls.conf +++ b/roles/nginx/base/files/snippets/tls.conf @@ -1,5 +1,5 @@ ssl_protocols TLSv1.2 TLSv1.3; -ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES128:!RSA:!ADH:!AECDH:!MD5; +ssl_ciphers ECDHE+CHACHA20:ECDHE+AESGCM:DHE+CHACHA20:DHE+AESGCM:ECDHE+AES256:DHE+AES256:ECDHE+AES128:DHE+AES128:!ADH:!AECDH:!MD5:!SHA; ssl_prefer_server_ciphers on; ssl_dhparam /etc/ssl/dhparams.pem; |