Fixed misleading example SSL config. a) ssl as listen parameter is preferable. b) ssl_protocols defaults are better because they do not forbid TLS versions 1.1 and 1.2. c) ssl_session_timeout has sense only with SSL cache.
diff --git a/conf/nginx.conf b/conf/nginx.conf index 3bb3389..27b8e03 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf
@@ -96,16 +96,15 @@ # HTTPS server # #server { - # listen 443; + # listen 443 ssl; # server_name localhost; - # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; + # ssl_session_cache shared:SSL:1m; # ssl_session_timeout 5m; - # ssl_protocols SSLv2 SSLv3 TLSv1; # ssl_ciphers HIGH:!aNULL:!MD5; # ssl_prefer_server_ciphers on;