Caddy 1.0 - OpenSSL 1.1.1

From wiki
Jump to navigation Jump to search

Below is a SSL configuration for the Caddy web server version 1.0, using OpenSSL version 1.1.1. This configuration file was generated by the Mozilla SSL Configuration Generator.

# generated 2019-09-12, https://ssl-config.mozilla.org/#server=caddy&server-version=1.0.0&config=intermediate
# note that Caddy automatically configures safe TLS settings

# replace example.com with your domain name
example.com

# Due to a lack of DHE support, you -must- use an ECDSA cert to support IE 11 on Windows 7
tls {
    protocols tls1.2 tls1.3
    ciphers ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-WITH-CHACHA20-POLY1305 ECDHE-RSA-WITH-CHACHA20-POLY1305
}

# HSTS (63072000 seconds)
header / Strict-Transport-Security "max-age=63072000"