802
edits
Changes
Apache 2.4.39 - OpenSSL 1.1.0k (view source)
Revision as of 11:24, 24 September 2019
, 11:24, 24 September 2019no edit summary
Below is a SSL configuration for the nginx web server version 1.17.0, using OpenSSL version 1.1.1. This configuration file was generated by the [https://ssl-config.mozilla.org/ Mozilla SSL Configuration Generator.]
Below is a SSL configuration for the nginx web server version 1.1, using OpenSSL version 1.1.1. This configuration file was generated by the [https://ssl-config.mozilla.org/ Mozilla SSL Configuration Generator.]
<pre>
<pre>
# generated 2019-09-09, https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate&openssl-version=1.1.0k
# generated 2019-09-09, https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=intermediate&openssl-version=1.1.0k
# requires mod_ssl, mod_socache_shmcb, mod_rewrite, and mod_headers
# requires mod_ssl, mod_socache_shmcb, mod_rewrite, and mod_headers
<VirtualHost *:80>
<VirtualHost *:80>
RewriteEngine On
RewriteEngine On
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
</VirtualHost>
</VirtualHost>
<VirtualHost *:443>
<VirtualHost *:443>
SSLEngine on
SSLEngine on
# curl https://ssl-config.mozilla.org/ffdhe2048.txt >> /path/to/signed_cert_and_intermediate_certs_and_dhparams
# curl https://ssl-config.mozilla.org/ffdhe2048.txt >> /path/to/signed_cert_and_intermediate_certs_and_dhparams
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
Header always set Strict-Transport-Security "max-age=63072000"
</VirtualHost>
</VirtualHost>