aljaz/bitcoin-tutorials
1
1
Fork 0
mirror of https://github.com/openoms/bitcoin-tutorials.git synced 2025-12-19 04:54:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

update to TLSv1.3, remove v1.1

Browse Source
This commit is contained in:
openoms
2022-02-14 08:21:54 +00:00
parent a191aaf595
commit ed73246b1d
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
nginx/README.md
View File

@@ -5,7 +5,7 @@
In this example configuration a redirect is added to the mempool instance on the LAN: In this example configuration a redirect is added to the mempool instance on the LAN:
To download, check and run: To download, check and run:
``` ```
wget https://raw.githubusercontent.com/openoms/bitcoin-tutorials/master/nginx/custom_website_subdomain.sh wget -O custom_website_subdomain.sh https://raw.githubusercontent.com/openoms/bitcoin-tutorials/master/nginx/custom_website_subdomain.sh
cat custom_website_subdomain.sh cat custom_website_subdomain.sh
@@ -17,7 +17,8 @@ bash custom_website_subdomain.sh
In this example configuration a redirect and SSL encryption added to a Fulcrum instance. In this example configuration a redirect and SSL encryption added to a Fulcrum instance.
To download, check and run: To download, check and run:
``` ```
wget https://raw.githubusercontent.com/openoms/bitcoin-tutorials/master/nginx/electrum_server_subdomain.sh wget -O electrum_server_subdomain.sh
https://raw.githubusercontent.com/openoms/bitcoin-tutorials/master/nginx/electrum_server_subdomain.sh
cat electrum_server_subdomain.sh cat electrum_server_subdomain.sh
@@ -30,7 +31,7 @@ Have a look through the script here: [bonus.SSL_for_RTL.sh](bonus.SSL_for_RTL.sh
To download, check and run: To download, check and run:
``` ```
wget https://github.com/openoms/bitcoin-tutorials/raw/master/nginx/bonus.SSL_for_RTL.sh wget -O bonus.SSL_for_RTL.sh https://github.com/openoms/bitcoin-tutorials/raw/master/nginx/bonus.SSL_for_RTL.sh
cat bonus.SSL_for_RTL.sh cat bonus.SSL_for_RTL.sh

2
nginx/custom_website_subdomain.sh
View File

@@ -36,7 +36,7 @@ server {
ssl_session_timeout 1d; ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m; ssl_session_cache shared:SSL:50m;
ssl_session_tickets off; ssl_session_tickets off;
ssl_protocols TLSv1.1 TLSv1.2; ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK'; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK';
ssl_prefer_server_ciphers on; ssl_prefer_server_ciphers on;
ssl_stapling on; ssl_stapling on;