I hereby claim:
- I am FluffyPancakes on github.
- I am fluffypancakes (https://keybase.io/fluffypancakes) on keybase.
- I have a public key whose fingerprint is 8A6D 8922 1521 4861 B5D1 45AA CF4E B446 D1FB 0F8B
To claim this, I am signing this object:
FluffyPancakes
/ keybase.md
Created
August 9, 2016 23:46
FluffyPancakes
/ nginx-ssl.conf
Created
June 24, 2016 21:09
Configuration to get an A+ on the Qualys SSL Labs test with fast performing and low overhead SSL ciphers. Works in combination with nginx 1.6.0 full and OpenSSL v1.0.1i.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # I've used the configuration below for all my nginx instances and gotten an A+ on the Qualys SSL Test | |
| # (https://www.ssllabs.com/ssltest/index.html). It satisfies requirements for PCI Compliance and | |
| # FIPS. Includes OCSP Stapling (http://en.wikipedia.org/wiki/OCSP_stapling) and HTTP Strict Transport | |
| # Security (http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security). | |
| # - Not vulnerable to the Heartbleed attack. | |
| # - Not vulnerable to the OpenSSL CCS vulnerability (CVE-2014-0224) with OpenSSL v1.0.1i 6 Aug 2014 & Nginx 1.6.0 | |
| # - SSL Handshake takes <80ms on most modern server hardware | |
| # Use within the "server" scope among other directives |