summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-09-06 09:56:06 +0200
committerJohn Estabrook <jestabro@vyos.io>2021-09-06 10:30:45 -0500
commit424c08b6a8710de99ea38d331875277ceeb6dfa3 (patch)
treeb3f3f3a031ed49a0a016b480f917987dabc27779
parent5ea56643b9c7a5c0edfeb6c19183a444d012dcbe (diff)
downloadvyos-1x-424c08b6a8710de99ea38d331875277ceeb6dfa3.tar.gz
vyos-1x-424c08b6a8710de99ea38d331875277ceeb6dfa3.zip
https: T2230: only support TLS1.2 and TLS1.3
(cherry picked from commit 7546e249708de3e0b4bf8f89912caf73265edd60)
-rw-r--r--data/templates/https/nginx.default.tmpl1
1 files changed, 1 insertions, 0 deletions
diff --git a/data/templates/https/nginx.default.tmpl b/data/templates/https/nginx.default.tmpl
index 4aaf0132f..26d0b5d73 100644
--- a/data/templates/https/nginx.default.tmpl
+++ b/data/templates/https/nginx.default.tmpl
@@ -38,6 +38,7 @@ server {
#
include snippets/snakeoil.conf;
{% endif %}
+ ssl_protocols TLSv1.2 TLSv1.3;
# proxy settings for HTTP API, if enabled; 503, if not
location ~ /(retrieve|configure|config-file|image|generate|show) {