ssl labs nginx config/ciphers – a+ rating

How to get the a+ rating from ssl labs. Here is my nginx config with the ciphers:


vim /etc/nginx/nginx.conf

 # SSL Settings

 ssl_session_timeout 5m;
 ssl_prefer_server_ciphers on;
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
 #add_header Strict-Transport-Security max-age=15768000; # six months
 #use this only if all subdomains support HTTPS!
 add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
 ssl_dhparam /etc/nginx/dhparams.pem;
cd /etc/nginx/

#generate own diffie hellmann parameters
openssl dhparam -out dhparams.pem 4096

systemctl restart nginx

About The Author

Kommentar verfassen

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Scroll to Top