mirror of
https://github.com/certbot/certbot.git
synced 2026-06-05 23:04:39 -04:00
38 lines
1.2 KiB
Nginx Configuration File
38 lines
1.2 KiB
Nginx Configuration File
mail {
|
|
#auth_http unix:/path/socket:/cgi-bin/auth;
|
|
auth_http localhost:9000/cgi-bin/auth;
|
|
|
|
proxy on;
|
|
starttls on; ## enable STARTTLS for all mail servers
|
|
|
|
# The SSL part can be put in a separate configuration file,
|
|
# e.g., in the case of an SSL offloader / caching proxy.
|
|
# In that case, only the ssl_certificate* needs to be set here (or in server block.)
|
|
# The config assumes certificates in /etc/nginx/ssl/ and
|
|
# private keys in /etc/nginx/ssl/private/
|
|
ssl on;
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_protocols TLSv1 SSLv3;
|
|
ssl_ciphers HIGH:!ADH:!MD5:@STRENGTH;
|
|
ssl_session_cache shared:TLSSL:16m;
|
|
ssl_session_timeout 10m;
|
|
## default SSL cert. Each host should have its own.
|
|
ssl_certificate ssl/wildcard.crt;
|
|
ssl_certificate_key ssl/private/wildcard.key;
|
|
|
|
## default, STARTTLS is appended because of starttls directive above
|
|
imap_capabilities "IMAP4rev1" "UIDPLUS";
|
|
server {
|
|
listen 143;
|
|
protocol imap;
|
|
server_name mx.example.org;
|
|
}
|
|
|
|
## uncomment to enable POP3 proxy
|
|
# pop3_capabilities "TOP" "USER";
|
|
# server {
|
|
# listen 110;
|
|
# protocol pop3;
|
|
# }
|
|
|
|
}
|