Klaus Demo nginx / be27365
Fixed misleading example SSL config. a) ssl as listen parameter is preferable. b) ssl_protocols defaults are better because they do not forbid TLS versions 1.1 and 1.2. c) ssl_session_timeout has sense only with SSL cache. Sergey Budnevitch 9 years ago
1 changed file(s) with 2 addition(s) and 3 deletion(s). Raw diff Collapse all Expand all
9595 # HTTPS server
9696 #
9797 #server {
98 # listen 443;
98 # listen 443 ssl;
9999 # server_name localhost;
100100
101 # ssl on;
102101 # ssl_certificate cert.pem;
103102 # ssl_certificate_key cert.key;
104103
104 # ssl_session_cache shared:SSL:1m;
105105 # ssl_session_timeout 5m;
106106
107 # ssl_protocols SSLv2 SSLv3 TLSv1;
108107 # ssl_ciphers HIGH:!aNULL:!MD5;
109108 # ssl_prefer_server_ciphers on;
110109