Add a comment on why we are using backward compatible ciphers.
This commit is contained in:
parent
8ddb2be69a
commit
be14c7a83f
|
@ -65,6 +65,7 @@ server {
|
|||
ssl_certificate /etc/nginx/ssl/gitlab.crt;
|
||||
ssl_certificate_key /etc/nginx/ssl/gitlab.key;
|
||||
|
||||
# GitLab needs backwards compatible ciphers to retain compatibility with Java IDEs
|
||||
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4';
|
||||
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
|
|
Loading…
Reference in New Issue