add support for ssl_dhparams to prevent 'Logjam' attack
This commit is contained in:
parent
2b270c9353
commit
a10d1b50bf
1 changed files with 4 additions and 0 deletions
|
@ -105,6 +105,10 @@ server {
|
||||||
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
|
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
|
||||||
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
|
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
|
||||||
|
|
||||||
|
{{ if (exists (printf "/etc/nginx/certs/%s.dhparams.pem" $cert)) }}
|
||||||
|
ssl_dhparam {{ printf "/etc/nginx/certs/%s.dhparams.pem" $cert }};
|
||||||
|
{{ end }}
|
||||||
|
|
||||||
add_header Strict-Transport-Security "max-age=31536000";
|
add_header Strict-Transport-Security "max-age=31536000";
|
||||||
|
|
||||||
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
|
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
|
||||||
|
|
Reference in a new issue