mirror of
https://github.com/NginxProxyManager/nginx-proxy-manager.git
synced 2026-04-25 09:25:55 +03:00
[GH-ISSUE #1251] Provide the option to choose which SSL config Mode is used #1016
Labels
No labels
awaiting feedback
bug
cannot reproduce
dns provider request
duplicate
enhancement
enhancement
enhancement
good first issue
help wanted
invalid
need more info
no certbot plugin available
product-support
pull-request
question
stale
troll
upstream issue
v2
v2
v2
v3
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/nginx-proxy-manager-NginxProxyManager#1016
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @Nate-09 on GitHub (Jul 21, 2021).
Original GitHub issue: https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1251
This might be more of two enhancements, however both related to one another, upon checking the current ssl-ciphers.conf file which shows that it uses the intermediate SSL configuration for nginx which contains weak ciphers, however for more secure environments or applications, it would be beneficial to provide a selector to allow what preference we prefer to use, i.e. modern or intermediate ssl configuration.
Alternatively being able to select or manually update the conf files from the UI to choose which ciphers are being provided on a per host level would resolve this individually.
For Example

If we can select which TLS v1.2 Ciphers are in use like the following image we reduce attack surface from using weak ciphers completely.
Instead of the current TLSv1.2 ciphers in the ssl-ciphers.conf which shows a number of weak ciphers.

I'm currently looking to manage the ciphers list manually to resolve this as a workaround based off of the https://github.com/jc21/nginx-proxy-manager/issues/564
@Nate-09 commented on GitHub (Jul 22, 2021):
Closing as there is another enhancement for the same request https://github.com/jc21/nginx-proxy-manager/issues/951