Security/Certificate/TLS: Difference between revisions
Jump to navigation
Jump to search
Created page with "==Disable » TLSv1 » TLSv1.1== ==Enable » TLSv1.2 » TLSv1.3== ===Enable » TLSv1.2 » TLSv1.3 » Nginx=== ===Enable » TLSv1.2 » TLSv1.3 » Apache=== ===Enable » TLSv1.2 » TLSv1.3 » HAProxy=== <syntaxhighlight lang="bash"> cd /etc/letsencrypt/live/;for d in *;do if [ -d "${d}" ];then cat ${d}/{fullchain,privkey}.pem|tee ${d}.pem >/dev/null;fi;done SSL_CRT_LIST="$(cd /etc/letsencrypt/live/;for d in *;do if [ -d "${d}" ];then printf "crt ${PWD}/${d}.pem ";fi;done)"..." |
|||
| Line 21: | Line 21: | ||
{| | {| | ||
|valign='top'| | |valign='top'| | ||
* [[Apache Basic Authentication|Security » HTTP » Basic Authentication]] | * [[Apache Basic Authentication|Security » HTTP » Basic Authentication]] | ||
* [[OpenLDAP/BackSQL|Security » OpenLDAP » BackSQL]] | * [[OpenLDAP/BackSQL|Security » OpenLDAP » BackSQL]] | ||
* [[Java Key Store|Security » Java » Key Store]] | * [[Java Key Store|Security » Java » Key Store]] | ||
* [[Java Mail API|Security » Java » Mail API]] | * [[Java Mail API|Security » Java » Mail API]] | ||
* [[Security/Certificate|Security » Certificate]] | |||
* [[Security/Password|Security » Password]] | * [[Security/Password|Security » Password]] | ||
* [[ZA Proxy|Security » ZA Proxy]] | * [[ZA Proxy|Security » ZA Proxy]] | ||
| Line 33: | Line 33: | ||
|valign='top'| | |valign='top'| | ||
* [[SSH/Public Key Authentication|Security » SSH » Public Key Authentication]] | |||
|valign='top'| | |valign='top'| | ||
Revision as of 09:19, 29 May 2025
Disable » TLSv1 » TLSv1.1
Enable » TLSv1.2 » TLSv1.3
Enable » TLSv1.2 » TLSv1.3 » Nginx
Enable » TLSv1.2 » TLSv1.3 » Apache
Enable » TLSv1.2 » TLSv1.3 » HAProxy
cd /etc/letsencrypt/live/;for d in *;do if [ -d "${d}" ];then cat ${d}/{fullchain,privkey}.pem|tee ${d}.pem >/dev/null;fi;done
SSL_CRT_LIST="$(cd /etc/letsencrypt/live/;for d in *;do if [ -d "${d}" ];then printf "crt ${PWD}/${d}.pem ";fi;done)"
cat << CFG | sudo tee /etc/haproxy/proxy-configs/shahed.biz-https-all.cfg >/dev/null
# ##############################################################################
# https frontend config for *.chorke.org, *.chorke.com, *.shahed.biz
# this config added by chorke academia, inc
frontend fnt_shahed_biz_ssl
bind *:443 ssl ${SSL_CRT_LIST}alpn h2,http/1.1 ssl-min-ver TLSv1.2 ssl-max-ver TLSv1.3
mode http
References
|
| ||