|
|
@@ -4,7 +4,6 @@ http {
|
|
|
ssl_certificate cert/etherdream.com/ecc.cer;
|
|
|
ssl_certificate_key cert/etherdream.com/ecc.key;
|
|
|
listen 8443 ssl http2;
|
|
|
- listen 8080;
|
|
|
include api.conf;
|
|
|
}
|
|
|
resolver 1.1.1.1 ipv6=off;
|
|
|
@@ -16,9 +15,9 @@ http {
|
|
|
underscores_in_headers on;
|
|
|
|
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
- ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE+AES128:ECDHE+AES256:ECDHE+3DES;
|
|
|
- ssl_session_cache shared:SSL:10m;
|
|
|
- ssl_session_timeout 5m;
|
|
|
+ ssl_ciphers TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;
|
|
|
+ ssl_session_timeout 1d;
|
|
|
+ ssl_session_cache shared:SSL:30m;
|
|
|
ssl_prefer_server_ciphers on;
|
|
|
|
|
|
limit_req_log_level warn;
|
zjcqoo