security scores and TLS config
nginx-forum at forum.nginx.org
Tue Jul 10 12:07:03 UTC 2018
With some experience in F5 and NetScaler world but still new to Nginx I have
been tasked with migrating 50+ public URLs to NGINX Plus configured as
keepalived HA pair. What would be best SSL configuration to achieve highest
security scores from Qaulys SSLLabs or BitSight ? Can someone recommend or
share current best SSL config ?
Alos, as for overall design what is an optimal design in such case ?
1. Single keepalived IP with server_name directives or separate IP for each
URL ? If separate IPs, do i have to list them in keepalived config ?
2. Is single SSL config file possible to share the same encryption settings
across all URLs ?
Obviously my goal here is to achieve high availability with A+ security
Any help will be highly appreciated.
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,280475,280475#msg-280475
More information about the nginx