2019-02-22 18:47:37 +00:00
|
|
|
bind = '0.0.0.0:443'
|
|
|
|
workers = 2
|
2019-02-22 21:55:24 +00:00
|
|
|
accesslog = '-'
|
2019-02-22 18:47:37 +00:00
|
|
|
|
|
|
|
# mTLS configuration with TLSv1.2 and requiring and validating client
|
|
|
|
# certificates
|
|
|
|
ssl_version = 5 # ssl.PROTOCOL_TLSv1_2
|
|
|
|
cert_reqs = 2 # ssl.CERT_REQUIRED
|
|
|
|
ciphers = 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256'
|
|
|
|
ca_certs = '/var/run/autocert.step.sm/root.crt'
|
|
|
|
certfile = '/var/run/autocert.step.sm/site.crt'
|
|
|
|
keyfile = '/var/run/autocert.step.sm/site.key'
|
|
|
|
|
|
|
|
|