mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-11-22 11:56:31 +00:00
Added DHParam compatibility note
This commit is contained in:
parent
761bbf9dbc
commit
026ba7cdac
@ -184,6 +184,11 @@ at startup. Since it can take minutes to generate a new `dhparam.pem`, it is do
|
|||||||
background. Once generation is complete, the `dhparams.pem` is saved on a persistent volume and nginx
|
background. Once generation is complete, the `dhparams.pem` is saved on a persistent volume and nginx
|
||||||
is reloaded. This generation process only occurs the first time you start `nginx-proxy`.
|
is reloaded. This generation process only occurs the first time you start `nginx-proxy`.
|
||||||
|
|
||||||
|
> COMPATIBILITY WARNING: The default generated `dhparam.pem` key is 2048 bits for A+ security. Some
|
||||||
|
> older clients (like Java 6 and 7) do not support DH keys with over 1024 bits. In order to support these
|
||||||
|
> clients, you must either provide your own `dhparam.pem`, or tell `nginx-proxy` to generate a 1024-bit
|
||||||
|
> key on startup by passing `-e DHPARAM_BITS=1024`.
|
||||||
|
|
||||||
#### Wildcard Certificates
|
#### Wildcard Certificates
|
||||||
|
|
||||||
Wildcard certificates and keys should be named after the domain name with a `.crt` and `.key` extension.
|
Wildcard certificates and keys should be named after the domain name with a `.crt` and `.key` extension.
|
||||||
|
Loading…
Reference in New Issue
Block a user