summaryrefslogtreecommitdiff
path: root/templates/ssl.tmpl
diff options
context:
space:
mode:
Diffstat (limited to 'templates/ssl.tmpl')
-rw-r--r--templates/ssl.tmpl8
1 files changed, 8 insertions, 0 deletions
diff --git a/templates/ssl.tmpl b/templates/ssl.tmpl
new file mode 100644
index 0000000..2729c09
--- /dev/null
+++ b/templates/ssl.tmpl
@@ -0,0 +1,8 @@
+ssl_prefer_server_ciphers On;
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
+ add_header Strict-Transport-Security max-age=15768000;
+ ssl_session_cache shared:SSL:50m;
+ ssl_session_timeout 10m;
+ ssl_dhparam {{.DHParam}};
+ ssl_buffer_size 1400;