## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html ssl on; ssl_certificate {{SSL_CERTIFICATE_PATH}}; ssl_certificate_key {{SSL_KEY_PATH}}; ssl_verify_client {{SSL_VERIFY_CLIENT}}; ssl_client_certificate {{CA_CERTIFICATES_PATH}}; ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA...
## ssl_password_file {{SSL_PASSWORD_PATH}}; ssl_verify_client off; ssl_ciphers"EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH"; ssl_protocols TLSv1.2; ssl_session_cache builtin:1000shared:SSL:10m; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security max-age=31536000; #...
{{SSL_CERTIFICATE_PATH}}—— 您所获取的 SSL 证书路径; {{SSL_KEY_PATH}}—— SSL 证书私钥路径; {{SSL_VERIFY_CLIENT}}—— 是否启用客户端证书验证(具有以下可用值:on,off,optional和optional_no_ca); {{CA_CERTIFICATES_PATH}}—— 如果前一个参数为“on”,那么这里应填入需验证的客户端证书路径; ...
RC4;ssl_certificate"/var/www/httpd-cert/www-root/www.onlyoffice.域名.cn_le1.crtca";ssl_certificate_key"/var/www/httpd-cert/www-root/www.onlyoffice.域名.cn_le1.key";ssl_verify_client off;ssl_dhparam/etc/ssl/certs/dhparam4096.pem;add_header Strict-Transport-Security"max-age=31536000;";add...
补充OnlyOffice SSL 配置示例文件如下 ## Strong SSL Security ## https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html ssl on; ssl_certificate /etc/nginx/cert/214212938360415.pem; ssl_certificate_key /etc/nginx/cert/214212938360415.key; ssl_verify_client off; ssl_ciphers ECDHE-RSA-...
ssl_certificate_key /etc/xxx.key; #更改为你的子域名证书路径 # Uncomment string below and specify the path to the file with the password if you use encrypted certificate key # ssl_password_file {{SSL_PASSWORD_PATH}}; ssl_verify_client off; ...
# SSL_VERIFY_CLIENT: #Enable verification of client certificates using the CA_CERTIFICATES_PATH file. Defaults to false. # DB_TYPE: #The database type. Supported values are postgres, mariadb or mysql. Defaults to postgres. # DB_HOST: #The IP address or the name of the ...
ssl_verify_client off; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_prefer_server_ciphers on; ## [Optional] Before enabling Strict-Transport-Security headers, ensure your server is properly configured for SSL. ...
{{SSL_KEY_PATH}} - the path to the SSL certificate private key; {{SSL_VERIFY_CLIENT}} - whether or not the verification of client certificates is enabled (with available values of on, off, optional and optional_no_ca); {{CA_CERTIFICATES_PATH}} - the path to the client certificate wh...
{{SSL_VERIFY_CLIENT}}- whether or not the verification of client certificates is enabled (with available values ofon,off,optionalandoptional_no_ca); {{CA_CERTIFICATES_PATH}}- the path to the client certificate which will be verified if enabled with the previous parameter; ...