forked from Deuxfleurs/infrastructure
Allow only cipher suites recommended by Mozilla
Check https://ssl-config.mozilla.org/#server=traefik&version=1.7&config=intermediate&guideline=5.6
This commit is contained in:
parent
1f15d29eab
commit
3bb2cf9e93
1 changed files with 9 additions and 0 deletions
|
@ -14,6 +14,15 @@ defaultEntryPoints = ["http", "https"]
|
|||
address = ":443"
|
||||
compress = true
|
||||
[entryPoints.https.tls]
|
||||
minVersion = "VersionTLS12"
|
||||
cipherSuites = [
|
||||
"TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305",
|
||||
"TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305",
|
||||
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
|
||||
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
|
||||
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
|
||||
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"
|
||||
]
|
||||
|
||||
[ping]
|
||||
entrypoint = "admin"
|
||||
|
|
Loading…
Reference in a new issue