Commit
Instead of creating a dummy certificate, we can return an SSL protocol error, which will generate a descriptive error message in the browser.
- Loading branch information
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -32,9 +32,7 @@ server { | |
server_name localhost; | ||
access_log /data/logs/fallback_access.log standard; | ||
error_log /dev/null crit; | ||
ssl_certificate /data/nginx/dummycert.pem; | ||
ssl_certificate_key /data/nginx/dummykey.pem; | ||
include conf.d/include/ssl-ciphers.conf; | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
TheBeeZee
via email
Author
Contributor
|
||
ssl_reject_handshake on; | ||
|
||
return 444; | ||
} |
1 comment
on commit a7f0c3b
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This whole thing broke the ability to access nginx proxy manage on https
. Is there any other way to enable https?
that broked tlsv1.3 and the cipher suite definition