diff --git a/nginx.tmpl b/nginx.tmpl
index ee286fe..a59cd54 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -25,7 +25,8 @@
 {{ define "ssl_policy" }}
 {{ if eq .ssl_policy "Mozilla-Modern" }}
 ssl_protocols TLSv1.3;
- {{/* ssl_ciphers is undefined in the Mozilla-Modern policy /*}}
+ {{/* nginx currently lacks ability to choose ciphers in TLS 1.3 in configuration, see https://trac.nginx.org/nginx/ticket/1529 /*}}
+ {{/* a possible workaround can be modify /etc/ssl/openssl.cnf to change it globally (see https://trac.nginx.org/nginx/ticket/1529#comment:12 ) /*}}
 {{/* explicitly set ngnix default value in order to allow single servers to override the global http value */}}
 ssl_ciphers HIGH:!aNULL:!MD5;
 ssl_prefer_server_ciphers off;
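Review bot: Both added comment lines end with `/*}}` instead of `*/}}`, so (assuming this file is rendered by Go's text/template) neither comment closes where it appears to; the two lines and the following "explicitly set" line parse as a single comment that ends only at that line's `*/}}`. This renders correctly today, but if that context line is ever moved or removed, the comment would swallow `ssl_ciphers` and `ssl_prefer_server_ciphers` or the template would fail to parse, so each line should end with `*/}}`. The second comment would also read better and be safer for operators as `{{/* a possible workaround is to modify /etc/ssl/openssl.cnf, which changes the setting for every OpenSSL user on the system, not only nginx (see https://trac.nginx.org/nginx/ticket/1529#comment:12 ) */}}`. The `ssl_policy` define block starts in the hunk and continues beyond it.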