Changes between Initial Version and Version 1 of Ticket #2101, comment 3
- Timestamp:
- 02/04/21 18:11:33 (4 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Ticket #2101, comment 3
initial v1 4 4 - generally on the top-level (inside `http {}`) one should be able to set all general TLS settings globally (as those make no sense inside server blocks), but leaving out the certificates and certificate chains for stapling 5 5 - certificates should be given in the `server {}` directives 6 - in the default server one should give the new nginx option to close connection, if SNI hostname is not given . A certificate in default server block is not needed6 - in the default server one should give the new nginx option to close connection, if SNI hostname is not given (using `ssl_reject_handshake on;`). A certificate in default server block is not needed 7 7 8 8 With this setup you have a server that is very strict:
