Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use different ways to set ciphers for TLS 1.3 #14

Merged
merged 5 commits into from
Jan 31, 2023
Merged

Use different ways to set ciphers for TLS 1.3 #14

merged 5 commits into from
Jan 31, 2023

Commits on Jan 30, 2023

  1. Use different ways to set ciphers for TLS 1.3 

    Openssl have a different way to set ciphers for TLS 1.3. If you using
ssl_ciphers with only TLS 1.3 nginx will fail to start. You need to use
"ssl_conf_command Ciphersuites" command in nginx.

I implement it that way that I check in the template if tls version is
set to 1.3 if so use the new syntax.

Links:
https://forum.nginx.org/read.php?11,287698
mozilla/ssl-config-generator#124
https://wiki.openssl.org/index.php/TLS1.3
    Daniel Goeke committed Jan 30, 2023
    Configuration menu
    Copy the full SHA
    2a42fd3 View commit details
    Browse the repository at this point in the history

Commits on Jan 31, 2023

  1. Add ssl_conf_command to template. 

    Intoduce also a ssl_conf_command variable to modify the values.
    Daniel Goeke committed Jan 31, 2023
    Configuration menu
    Copy the full SHA
    a13207a View commit details
    Browse the repository at this point in the history

  2. Add example with values to pillar.example 

    Updated test related to the pillar change.
    Daniel Goeke committed Jan 31, 2023
    Configuration menu
    Copy the full SHA
    0816f86 View commit details
    Browse the repository at this point in the history

  3. Update pillar.example 

    Co-authored-by: Chris Aumann <[email protected]>
    @dgo- @chr4
    dgo- and chr4 authored Jan 31, 2023
    Configuration menu
    Copy the full SHA
    a8a0909 View commit details
    Browse the repository at this point in the history

  4. Update pillar.example 

    Co-authored-by: Chris Aumann <[email protected]>
    @dgo- @chr4
    dgo- and chr4 authored Jan 31, 2023
    Configuration menu
    Copy the full SHA
    dd5f3eb View commit details
    Browse the repository at this point in the history