github.com/dustinrc/deis@v1.10.1-0.20150917223407-0894a5fb979e/router/rootfs/etc/confd/templates/ssl.conf (about) 1 # set the allowed protocols 2 ssl_protocols {{ or (getv "/deis/router/sslProtocols") "TLSv1 TLSv1.1 TLSv1.2" }}; 3 4 # turn on session caching to drastically improve performance 5 {{ if exists "/deis/router/sslSessionCache" }} 6 ssl_session_cache {{ getv "/deis/router/sslSessionCache" }}; 7 ssl_session_timeout {{ or (getv "/deis/router/sslSessionTimeout") "10m" }}; 8 {{ end }} 9 10 # allow configuring ssl session tickets 11 ssl_session_tickets {{ or (getv "/deis/router/sslSessionTickets") "on" }}; 12 13 # slightly reduce the time-to-first-byte 14 ssl_buffer_size {{ or (getv "/deis/router/sslBufferSize") "4k" }}; 15 16 # allow configuring custom ssl ciphers 17 {{ if exists "/deis/router/sslCiphers" }} 18 ssl_ciphers '{{ getv "/deis/router/sslCiphers" }}'; 19 ssl_prefer_server_ciphers on; 20 {{ end }} 21 22 # allow custom DH parameters 23 {{ if exists "/deis/router/sslDhparam" }} 24 ssl_dhparam /etc/ssl/dhparam.pem; 25 {{ end }}