19 lines
445 B
Plaintext
19 lines
445 B
Plaintext
# SSL/TLS Params - Requisitos: Nginx com HTTP/3
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers off;
|
|
|
|
# HSTS
|
|
add_header Strict-Transport-Security "max-age=63072000" always;
|
|
|
|
# HTTP/3 (QUIC) Alt-Svc
|
|
add_header Alt-Svc 'h3=":443"; ma=86400';
|
|
http3 on;
|
|
quic_retry on;
|
|
# http3_max_concurrent_streams 128; # Opcional: Tuning
|
|
|
|
# OCSP Stapling
|
|
ssl_stapling on;
|
|
ssl_stapling_verify on;
|
|
resolver 1.1.1.1 8.8.8.8 valid=300s;
|
|
resolver_timeout 5s;
|