Mirroristas/bigchaindb
2
0
Fork 0
mirror of https://github.com/bigchaindb/bigchaindb.git synced 2024-10-13 13:34:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

In NGINX conf files under k8s/: Drop TLSv1 & TLSv1.1, enable TLSv1.3

Browse Source 
because TLS v1 and v1.1 are old
This commit is contained in:
Troy McConaghy 2018-11-17 09:14:17 +01:00
parent fe467fddbd
commit fcd63d2fce
3 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
k8s/nginx-https-web-proxy/container/nginx.conf.template
View File

@ -62,7 +62,7 @@ http {
server_name "PROXY_FQDN"; server_name "PROXY_FQDN";
ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key; ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5; ssl_ciphers HIGH:!aNULL:!MD5;
underscores_in_headers on; underscores_in_headers on;

2
k8s/nginx-https/container/nginx.conf.template
View File

@ -66,7 +66,7 @@ http {
ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key; ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5; ssl_ciphers HIGH:!aNULL:!MD5;
underscores_in_headers on; underscores_in_headers on;

2
k8s/nginx-https/container/nginx.conf.threescale.template
View File

@ -68,7 +68,7 @@ http {
ssl_certificate /etc/nginx/ssl/cert.pem; ssl_certificate /etc/nginx/ssl/cert.pem;
ssl_certificate_key /etc/nginx/ssl/cert.key; ssl_certificate_key /etc/nginx/ssl/cert.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5; ssl_ciphers HIGH:!aNULL:!MD5;
underscores_in_headers on; underscores_in_headers on;