Mercurial > hg > nginx-quic
comparison conf/nginx.conf @ 5319:50f531a55b73
Fixed misleading example SSL config.
a) ssl as listen parameter is preferable.
b) ssl_protocols defaults are better because they do not forbid TLS versions
1.1 and 1.2.
c) ssl_session_timeout has sense only with SSL cache.
author | Sergey Budnevitch <sb@waeme.net> |
---|---|
date | Wed, 07 Aug 2013 20:01:43 +0400 |
parents | 1e90599af73b |
children | d22eb224aedf |
comparison
equal
deleted
inserted
replaced
5318:7094bd12c1ff | 5319:50f531a55b73 |
---|---|
94 | 94 |
95 | 95 |
96 # HTTPS server | 96 # HTTPS server |
97 # | 97 # |
98 #server { | 98 #server { |
99 # listen 443; | 99 # listen 443 ssl; |
100 # server_name localhost; | 100 # server_name localhost; |
101 | 101 |
102 # ssl on; | |
103 # ssl_certificate cert.pem; | 102 # ssl_certificate cert.pem; |
104 # ssl_certificate_key cert.key; | 103 # ssl_certificate_key cert.key; |
105 | 104 |
105 # ssl_session_cache shared:SSL:1m; | |
106 # ssl_session_timeout 5m; | 106 # ssl_session_timeout 5m; |
107 | 107 |
108 # ssl_protocols SSLv2 SSLv3 TLSv1; | |
109 # ssl_ciphers HIGH:!aNULL:!MD5; | 108 # ssl_ciphers HIGH:!aNULL:!MD5; |
110 # ssl_prefer_server_ciphers on; | 109 # ssl_prefer_server_ciphers on; |
111 | 110 |
112 # location / { | 111 # location / { |
113 # root html; | 112 # root html; |