strict cipher suite definitions

2017-09-14 14:42:33 +02:00 · 2017-09-14 14:42:33 +02:00 · 4db19ba453
parent 5bf046ee78
commit 4db19ba453
1 changed files with 1 additions and 1 deletions
--- a/conf/passbolt.conf
+++ b/conf/passbolt.conf
@ -55,7 +55,7 @@ server {
  ssl_certificate_key /etc/ssl/certs/certificate.key;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
-  ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
+  ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
  ssl_session_tickets off;
  add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
  add_header X-Frame-Options DENY;