diff options
| author | Paul Duncan <pabs@pablotron.org> | 2024-05-31 03:58:29 -0400 |
|---|---|---|
| committer | Paul Duncan <pabs@pablotron.org> | 2024-05-31 03:58:29 -0400 |
| commit | dc68c42ce1b8efc1003137c08dd5961b93705684 (patch) | |
| tree | cdcfef52b3a486165608d7faba369be884be906f /static/files/articles/site-backend/tls.conf.txt | |
| parent | 4ed5fcfcd1952f2f6f29a03fa565740beb815800 (diff) | |
| download | pablotron.org-dc68c42ce1b8efc1003137c08dd5961b93705684.tar.bz2 pablotron.org-dc68c42ce1b8efc1003137c08dd5961b93705684.zip | |
content/articles/site-backend.md: populate most of the content
Diffstat (limited to 'static/files/articles/site-backend/tls.conf.txt')
| -rw-r--r-- | static/files/articles/site-backend/tls.conf.txt | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/static/files/articles/site-backend/tls.conf.txt b/static/files/articles/site-backend/tls.conf.txt new file mode 100644 index 0000000..011930d --- /dev/null +++ b/static/files/articles/site-backend/tls.conf.txt @@ -0,0 +1,9 @@ +# explicit list of cipher suites +# (from ssl-config.mozilla.org) +SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + +# use server priorities for cipher algorithm choice +SSLHonorCipherOrder on + +# protocols to enable (TLS 1.2 and 1.3 only) +SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 |