dwolfhub · January 20, 2015 05:00
diff --git a/optimal-nginx-ssl b/optimal-nginx-ssl
 server {
    server_name                www.example.com;
    listen                     443;
    ssl                        on;
    ssl_certificate            /path/to/ssl-bundle.crt;
    ssl_certificate_key        /path/to/private.key;
    ssl_session_timeout        5m;
    ssl_prefer_server_ciphers  On;
    ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers                ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
    ssl_session_cache          shared:SSL:10m;
 }
	server {
	server_name www.example.com;
	listen 443;
	ssl on;
	ssl_certificate /path/to/ssl-bundle.crt;
	ssl_certificate_key /path/to/private.key;
	ssl_session_timeout 5m;
	ssl_prefer_server_ciphers On;
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
	ssl_session_cache shared:SSL:10m;
	}