x

https.d/api.conf

@@ -1,5 +1,11 @@
 server {
-  listen       9600;
+  listen       9600 ssl;
+  ssl_certificate /data/ssl/tls.crt;
+  ssl_certificate_key /data/ssl/tls.key;
+  ssl_session_timeout 5m;
+  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
   # ssl on;
   # ssl_certificate /data/ssl/tls.crt;
   # ssl_certificate_key /data/ssl/tls.key;

https.d/dcm.conf

@@ -1,5 +1,11 @@
 server {
-	listen       9999;
+	listen       9999 ssl;
+  ssl_certificate /data/ssl/tls.crt;
+  ssl_certificate_key /data/ssl/tls.key;
+  ssl_session_timeout 5m;
+  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
   access_log  /data/logs/nginx/dcm/access.log;
   error_log   /data/logs/nginx/dcm/error.log;
 	root html;

https.d/html.conf

@@ -1,7 +1,5 @@
 server {
   listen       9602 ssl;
-
-  #ssl on;
   ssl_certificate /data/ssl/tls.crt;
   ssl_certificate_key /data/ssl/tls.key;
   ssl_session_timeout 5m;

https.d/pacsview.conf

@@ -1,5 +1,11 @@
 server {
-  listen       9603;
+  listen       9603 ssl;
+  ssl_certificate /data/ssl/tls.crt;
+  ssl_certificate_key /data/ssl/tls.key;
+  ssl_session_timeout 5m;
+  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_prefer_server_ciphers on;
   #client_header_buffer_size 16M;
   #large_client_header_buffers 4 16M;
   access_log  /data/logs/nginx/pacsview/access.log;