Update fusionpbx

Added :!aNULL to nginx SSL config to exclude anon ciphers.
2016-10-14 21:45:49 -06:00 · 2016-10-14 21:45:49 -06:00 · f2946b66c9
parent 02057e68dc
commit f2946b66c9
1 changed files with 1 additions and 1 deletions
--- a/debian/resources/nginx/fusionpbx
+++ b/debian/resources/nginx/fusionpbx
@ -118,7 +118,7 @@ server {
 	ssl_certificate         /etc/ssl/certs/nginx.crt;
 	ssl_certificate_key     /etc/ssl/private/nginx.key;
 	ssl_protocols           TLSv1 TLSv1.1 TLSv1.2;
-	ssl_ciphers             HIGH:!ADH:!MD5;
+	ssl_ciphers             HIGH:!ADH:!MD5:!aNULL;

 	#REST api
 	if ($uri ~* ^.*/api/.*$) {