http2-http3.conf (941B)
1 # Drop-in placed by Ansible. 2 # Sets HTTP/2 and HTTP/3 (QUIC) globally inside the http{} context. 3 # All per-server listen/quic directives live in listen.conf.inc. 4 5 # FIXME: We still disable http2/http3 for now, 6 # due to networking issues with the taler-merchant. 7 8 http2 off; 9 http3 off; 10 quic_retry off; 11 12 ssl_early_data off; 13 14 # FIXME: comment-in later, upgrade fails if we put this immediately, 15 # we need to run once without, otherwise nginx will see these 16 # directives twice in different places and the setup script will fail. 17 # NOTE: remove the above comment AND the commented out lines 18 # below once spec has been updated once -- then update immediately 19 # again! 20 21 # ssl_prefer_server_ciphers on; 22 ## Note: session cache is shared across all services on this server 23 # ssl_session_cache shared:TLS:10m; 24 # ssl_dhparam /etc/ssl/private/dhparam.pem; 25 # ssl_protocols TLSv1.3 TLSv1.2; 26 # ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';