enabled TLSv1.3, replaced SSL profiles logic to OWASP

fixes #42, fixes #82
2025-08-09 19:40:40 +08:00 · 2019-04-14 21:50:15 +02:00
parent 926bce92ee
commit 5c73002020
6 changed files with 59 additions and 37 deletions
--- a/public/templates/conf/nginx.conf.html
+++ b/public/templates/conf/nginx.conf.html
@@ -55,12 +55,12 @@ http {<!--
 	ssl_session_cache shared:SSL:50m;
 	ssl_session_tickets off;<!--

-	✘ SSLProfileModern --><span ng-if="isSSLProfileIntermediate() || isSSLProfileOld()">
+	✔ SSL DH required --><span ng-if="isSSLDHRequired()">

 	# Diffie-Hellman parameter for DHE ciphersuites
 	ssl_dhparam /etc/nginx/dhparam.pem;</span>

-	# {{ data.ssl_profile }} configuration
+	# {{ sslProfiles[ data.ssl_profile ].name }} configuration
 	ssl_protocols {{ sslProfiles[ data.ssl_profile ].protocols }};
 	ssl_ciphers {{ sslProfiles[ data.ssl_profile ].ciphers }};
 	ssl_prefer_server_ciphers on;