Merge pull request 'remove comment about old openssl versions in nginx config' (...

author floatingghost <hannah@coffee-and-dreams.uk>

Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)

committer floatingghost <hannah@coffee-and-dreams.uk>

Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)
author floatingghost <hannah@coffee-and-dreams.uk>
Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)
committer floatingghost <hannah@coffee-and-dreams.uk>
Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)
diff --git a/installation/nginx/akkoma.nginx b/installation/nginx/akkoma.nginx

index 7727166777d7a4754993c9868ffe6718234ddfc1..18d92f30f8f3a8b3511505f91134a17ce5fa5e18 100644 (file)
--- a/installation/nginx/akkoma.nginx
+++ b/installation/nginx/akkoma.nginx
@@ -54,8 +54,6 @@ server {
      ssl_protocols TLSv1.2 TLSv1.3;
      ssl_ciphers "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
      ssl_prefer_server_ciphers off;
-    # In case of an old server with an OpenSSL version of 1.0.2 or below,
-    # leave only prime256v1 or comment out the following line.
      ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
      ssl_stapling on;
      ssl_stapling_verify on;
author	floatingghost <hannah@coffee-and-dreams.uk>
	Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)
committer	floatingghost <hannah@coffee-and-dreams.uk>
	Fri, 30 Dec 2022 02:53:48 +0000 (02:53 +0000)