|
|
@@ -144,7 +144,8 @@ server {
|
|
|
ssl_certificate /usr/local/nginx/conf/ca/ca.crt;
|
|
|
ssl_certificate_key /usr/local/nginx/conf/ca/test.key;
|
|
|
ssl_session_timeout 5m;
|
|
|
- ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
|
+ # ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
|
|
|
+ ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DES:!3DES;
|
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
liuxingchen