pk/atst - atst - Git @ Eloquent Bits Inc.

pk/atst

Fork 0

Commit Graph

Author	SHA1	Message	Date
dandds	26cc4ce79a	Disable cipher export for TLS negotiation. In order to meet compliance requirements, this adds the EXPORT option to NGINX's ssl_cipher config. Extended discussion here: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html	2020-01-29 16:48:33 -05:00
tomdds	df6ab4a016	Fix some formatting problems in nginx configs	2019-12-02 15:45:16 -05:00
dandds	a3aa3e6935	Config for NGINX SSL/TLS. This adds additional SSL/TLS config to specify the acceptable TLS version, cipher suites, session cache, etc. Values are currently based on the Mozilla Foundation's recommendations for intermediate compatibility: https://wiki.mozilla.org/Security/Server_Side_TLS We will manage NGINX configuration snippets as a K8s ConfigMap so that they can be included in server blocks as-needed.	2019-12-02 15:45:16 -05:00

Author

SHA1

Message

Date

dandds

26cc4ce79a

Disable cipher export for TLS negotiation.

In order to meet compliance requirements, this adds the EXPORT option to
NGINX's ssl_cipher config. Extended discussion here:

https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

2020-01-29 16:48:33 -05:00

tomdds

df6ab4a016

Fix some formatting problems in nginx configs

2019-12-02 15:45:16 -05:00

dandds

a3aa3e6935

Config for NGINX SSL/TLS.

This adds additional SSL/TLS config to specify the acceptable TLS
version, cipher suites, session cache, etc. Values are currently based
on the Mozilla Foundation's recommendations for intermediate
compatibility:

https://wiki.mozilla.org/Security/Server_Side_TLS

We will manage NGINX configuration snippets as a K8s ConfigMap so that
they can be included in server blocks as-needed.

2019-12-02 15:45:16 -05:00

3 Commits