Fixed warning message about HTTP/2 on Alpine. Added additional cipher (DHE-RSA-CHACHA20-POLY1305) for all Nginx images

2025-08-09 16:45:05 +02:00 · 2025-01-08 15:43:20 +09:00
parent 83d8153f90
commit 6b3047d55b
10 changed files with 18 additions and 14 deletions
--- a/Dockerfiles/web-nginx-pgsql/rhel/conf/etc/zabbix/nginx_ssl.conf
+++ b/Dockerfiles/web-nginx-pgsql/rhel/conf/etc/zabbix/nginx_ssl.conf
@ -26,7 +26,7 @@ server {

    # intermediate configuration
    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+    ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers off;

    # HSTS (ngx_http_headers_module is required) (63072000 seconds)