ansible/xoxys.nginx
1
0
Fork 0
Code Issues Pull Requests Releases Activity

change default ciphers

Browse Source
This commit is contained in:
Robert Kaussow 2018-12-09 23:23:02 +01:00
parent 797dc481c1
commit 844f640036
1 changed files with 5 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
defaults/main.yml
View File

@ -63,9 +63,11 @@ nginx_tls_key_file: mykey.pem
# nginx_tls_dhparam_size: # defaults to 2048 # nginx_tls_dhparam_size: # defaults to 2048
nginx_tls_ciphers: nginx_tls_ciphers:
- ECDHE-ECDSA-CHACHA20-POLY1305 - ECDHE-RSA-AES256-GCM-SHA512
- ECDHE-ECDSA-AES128-GCM-SHA256 - DHE-RSA-AES256-GCM-SHA512
- ECDHE-ECDSA-AES128-SHA - ECDHE-RSA-AES256-GCM-SHA384
- DHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-AES256-SHA384
nginx_tls_ocsp_enabled: False nginx_tls_ocsp_enabled: False
# nginx_tls_ocsp_trusted_certificate: # defaults to not set # nginx_tls_ocsp_trusted_certificate: # defaults to not set