mirror of
https://github.com/nginx/nginx.git
synced 2024-11-23 20:19:02 +08:00
Fixed misleading example SSL config.
a) ssl as listen parameter is preferable. b) ssl_protocols defaults are better because they do not forbid TLS versions 1.1 and 1.2. c) ssl_session_timeout has sense only with SSL cache.
This commit is contained in:
parent
74dfd08957
commit
be27365bb1
@ -96,16 +96,15 @@ http {
|
||||
# HTTPS server
|
||||
#
|
||||
#server {
|
||||
# listen 443;
|
||||
# listen 443 ssl;
|
||||
# server_name localhost;
|
||||
|
||||
# ssl on;
|
||||
# ssl_certificate cert.pem;
|
||||
# ssl_certificate_key cert.key;
|
||||
|
||||
# ssl_session_cache shared:SSL:1m;
|
||||
# ssl_session_timeout 5m;
|
||||
|
||||
# ssl_protocols SSLv2 SSLv3 TLSv1;
|
||||
# ssl_ciphers HIGH:!aNULL:!MD5;
|
||||
# ssl_prefer_server_ciphers on;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user