Add ssl_ecdh_curve and ssl_buffer_size directives (#252)

This commit is contained in:
Estefano Gonçalves 2020-05-25 12:59:38 +01:00 committed by GitHub
parent 3db516413e
commit 5a35dc3271
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 0 deletions

View File

@ -114,6 +114,8 @@ nginx_http_template:
trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt
stapling: true stapling: true
stapling_verify: true stapling_verify: true
buffer_size: 16k
ecdh_curve: auto
sub_filter: sub_filter:
# sub_filters: [] # sub_filters: []
last_modified: "off" last_modified: "off"

View File

@ -116,6 +116,12 @@ server {
{% if item.value.servers[server].ssl.stapling_verify is defined and item.value.servers[server].ssl.stapling_verify %} {% if item.value.servers[server].ssl.stapling_verify is defined and item.value.servers[server].ssl.stapling_verify %}
ssl_stapling_verify on; ssl_stapling_verify on;
{% endif %} {% endif %}
{% if item.value.servers[server].ssl.ecdh_curve is defined and item.value.servers[server].ssl.ecdh_curve %}
ssl_ecdh_curve {{ item.value.servers[server].ssl.ecdh_curve }};
{% endif %}
{% if item.value.servers[server].ssl.buffer_size is defined and item.value.servers[server].ssl.buffer_size %}
ssl_buffer_size {{ item.value.servers[server].ssl.buffer_size }};
{% endif %}
{% endif %} {% endif %}
{% if item.value.servers[server].include_files is defined and item.value.servers[server].include_files | length %} {% if item.value.servers[server].include_files is defined and item.value.servers[server].include_files | length %}
{% for file in item.value.servers[server].include_files %} {% for file in item.value.servers[server].include_files %}