zombi/nginx-proxy
Archived
11
0
Fork 0
Code Issues Pull requests Releases Activity

add support for ssl_dhparams to prevent 'Logjam' attack

Browse source
This commit is contained in:
Kuo-Cheng Yeu 2015-05-21 15:19:58 +08:00
parent 2b270c9353
commit a10d1b50bf
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nginx.tmpl
View file

@ -105,6 +105,10 @@ server {
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }}; ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }}; ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
{{ if (exists (printf "/etc/nginx/certs/%s.dhparams.pem" $cert)) }}
ssl_dhparam {{ printf "/etc/nginx/certs/%s.dhparams.pem" $cert }};
{{ end }}
add_header Strict-Transport-Security "max-age=31536000"; add_header Strict-Transport-Security "max-age=31536000";
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }} {{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}