[IMP]Nginx TLS cache shared with more time (can lead to troubles in some cases...)

This commit is contained in:
Fabien BOURGEOIS 2017-09-14 10:23:47 +02:00
parent d4f0483cb2
commit d32840e40a

View File

@ -8,7 +8,7 @@ server {
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS; # Logjam and co
ssl_prefer_server_ciphers on; # Logjam
ssl_dhparam /etc/nginx/certs/dhparams.pem; # Logjam
ssl_session_cache shared:TLS:2m;
ssl_session_cache shared:TLS:10m;
# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;