summaryrefslogtreecommitdiff
path: root/apache2/conf.d/local-gnutls.conf
diff options
context:
space:
mode:
Diffstat (limited to 'apache2/conf.d/local-gnutls.conf')
-rw-r--r--apache2/conf.d/local-gnutls.conf16
1 files changed, 0 insertions, 16 deletions
diff --git a/apache2/conf.d/local-gnutls.conf b/apache2/conf.d/local-gnutls.conf
deleted file mode 100644
index d09a06b..0000000
--- a/apache2/conf.d/local-gnutls.conf
+++ /dev/null
@@ -1,16 +0,0 @@
-GnuTLSEnable on
-
-# based on <https://blog.joelj.org/ecdsa-certificates-with-apache-2-4-lets-encrypt/>
-# * only strong EC crypto suites supporting Perfect Forward Secrecy
-# * supported by all SNI-capable browsers
-# Options:
-# * drop %SAFE_RENEGOTIATION for Safari 5.1.9 / OS X 10.6.8 support
-# * add 3DES-CBS after AES-128-CBC for Android 2.3.7 support on non-SNI hosts
-# * add CHACHA20-POLY1305 after ECDHE-ECDSA with libgnutls >= 3.4.0
-GnuTLSPriorities NONE:+ECDHE-ECDSA:+AES-256-GCM:+AES-128-GCM:+AES-256-CBC:+AES-128-CBC:+AEAD:+SHA384:+SHA256:+SHA1:+CTYPE-X509:+VERS-TLS-ALL:-VERS-SSL3.0:+COMP-NULL:+CURVE-SECP384R1:+SIGN-ECDSA-SHA512:+SIGN-ECDSA-SHA384:+SIGN-ECDSA-SHA256:+SIGN-ECDSA-SHA224:%SERVER_PRECEDENCE:%SAFE_RENEGOTIATION
-
-GnuTLSCertificateFile /etc/ssl/certs/apache2+cacert.org.pem
-GnuTLSKeyFile /etc/ssl/private/apache2.pem
-
-# HSTS: http://www.debian-administration.org/articles/662
-Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 04:43:23 +0000