Allow only cipher suites recommended by Mozilla
Check https://ssl-config.mozilla.org/#server=traefik&version=1.7&config=intermediate&guideline=5.6
This commit is contained in:
parent
1f15d29eab
commit
3bb2cf9e93
1 changed files with 9 additions and 0 deletions
|
|
@ -14,6 +14,15 @@ defaultEntryPoints = ["http", "https"]
|
||||||
address = ":443"
|
address = ":443"
|
||||||
compress = true
|
compress = true
|
||||||
[entryPoints.https.tls]
|
[entryPoints.https.tls]
|
||||||
|
minVersion = "VersionTLS12"
|
||||||
|
cipherSuites = [
|
||||||
|
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
|
||||||
|
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
|
||||||
|
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
|
||||||
|
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||||
|
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
|
||||||
|
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
|
||||||
|
]
|
||||||
|
|
||||||
[ping]
|
[ping]
|
||||||
entrypoint = "admin"
|
entrypoint = "admin"
|
||||||
|
|
|
||||||
Reference in a new issue