From 481f7a48821b41ba9ad472bf0d5ec7d537acfee5 Mon Sep 17 00:00:00 2001
From: VirtuBox <contact@virtubox.net>
Date: Mon, 3 Sep 2018 18:39:32 +0200
Subject: [PATCH] new tls 1.3 ciphers suite

---
 etc/nginx/nginx.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf
index efca0a0..91455be 100644
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -71,12 +71,12 @@ http
     # SSL Settings
     ##
     ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
+    ssl_ciphers 'TLS13+AESGCM+AES128:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
     ssl_prefer_server_ciphers on;
     ssl_session_cache shared:SSL:50m;
     ssl_session_timeout 1d;
     ssl_session_tickets off;
-    ssl_ecdh_curve X25519:P-521:P-384:P-256;
+    ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1;
     
     ##Common headers for security
     more_set_headers "X-Frame-Options : SAMEORIGIN";