Update TLS configuration to Mozilla's "modern" spec

Details, see: - https://jve.linuxwall.info/blog/index.php?post/2014/10/09/Automated-configuration-analysis-for-Mozilla-s-TLS-guidelines - https://wiki.mozilla.org/Security/Server_Side_TLS Signed-off-by: Alan Orth <alan.orth@gmail.com>
2014-10-09 20:56:08 +03:00
parent ad90f7f0fb
commit ad8a704470
2 changed files with 2 additions and 2 deletions
--- a/roles/nginx/defaults/main.yml
+++ b/roles/nginx/defaults/main.yml
@ -8,7 +8,7 @@ nginx_confd_path: /etc/nginx/conf.d
 nginx_root_prefix: /var/www

 # TLS protocol versions to support
-nginx_tls_protocols: TLSv1 TLSv1.1 TLSv1.2
+nginx_tls_protocols: TLSv1.1 TLSv1.2

 # TLS key directory
 tls_key_dir: /etc/ssl/private