Hi, I would like to append a few lines for ssl-related directives to the nginx_vhost.conf.master template rather than individually in /etc/nginx/sites-available/*.host: <QUOTE> ssl_stapling on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_prefer_server_ciphers on; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHAHE-RSA-AES128-SHA256HE-RSA-AES128-SHAHE-RSA-AES256-SHA256HE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK'; add_header Strict-Transport-Security "max-age=31536000;"; </QUOTE> Any input? Thanks!
@till's post here: https://www.howtoforge.com/communit...tives-for-apps-under-nginx.65673/#post-313011 solved my problem.
You might also consider putting all the directives into a single file, say /etc/nginx/additional-ssl.conf, and then including it with a single line: include additional-ssl.conf; on each website that requires it.
