diff options
| author | Simon Rettberg | 2017-03-29 11:55:00 +0200 |
|---|---|---|
| committer | Simon Rettberg | 2017-03-29 11:55:00 +0200 |
| commit | ef07f65f73eaa07db6868c7765ad9a3b56e71de7 (patch) | |
| tree | d9fc9cdddfd066249a437ff6bc701ba3b608014e /satellit_installer | |
| parent | [SSPS] lighttpd: Add support for HTTPS redirection (diff) | |
| download | setup-scripts-ef07f65f73eaa07db6868c7765ad9a3b56e71de7.tar.gz setup-scripts-ef07f65f73eaa07db6868c7765ad9a3b56e71de7.tar.xz setup-scripts-ef07f65f73eaa07db6868c7765ad9a3b56e71de7.zip | |
[SSPS] We'll handle HSTS in PHP
Diffstat (limited to 'satellit_installer')
| -rwxr-xr-x | satellit_installer/static_files/lighttpd-auto-ssl.sh | 5 |
1 files changed, 0 insertions, 5 deletions
diff --git a/satellit_installer/static_files/lighttpd-auto-ssl.sh b/satellit_installer/static_files/lighttpd-auto-ssl.sh index b5ffc68..54f1cce 100755 --- a/satellit_installer/static_files/lighttpd-auto-ssl.sh +++ b/satellit_installer/static_files/lighttpd-auto-ssl.sh @@ -35,11 +35,6 @@ cat <<HEREDOC ssl.use-sslv3 = "disable" ssl.honor-cipher-order = "enable" ssl.cipher-list = "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS" - - # HSTS(15768000 seconds = 6 months) - setenv.add-response-header = ( - "Strict-Transport-Security" => "max-age=15768000;" - ) HEREDOC [ -s "$CHAIN" ] && echo " ssl.ca-file = \"$CHAIN\"" [ -s "$DHPARAM" ] && echo " ssl.dh-file = \"$DHPARAM\"" |