diff options
author | Guilhem Moulin <guilhem@fripost.org> | 2016-07-12 17:27:24 +0200 |
---|---|---|
committer | Guilhem Moulin <guilhem@fripost.org> | 2016-07-12 17:27:24 +0200 |
commit | e8cdae5ccc1aba3dc1e9991cce2942fdf93cabcb (patch) | |
tree | 81ca522ae1c3ae53479d0fd6fb5560fa4b0d4a99 | |
parent | ab90bbd0a1983d8571a030fcd9d95d8576a0e8bc (diff) |
HSTS: use the standard capitalization of includeSubDomains.
Cf. RFC 6797 sec. 6.1.2.
-rw-r--r-- | roles/common-web/files/etc/nginx/snippets/ssl.conf | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/common-web/files/etc/nginx/snippets/ssl.conf b/roles/common-web/files/etc/nginx/snippets/ssl.conf index 4e2da6e..09082e7 100644 --- a/roles/common-web/files/etc/nginx/snippets/ssl.conf +++ b/roles/common-web/files/etc/nginx/snippets/ssl.conf @@ -19,7 +19,7 @@ ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECD ssl_prefer_server_ciphers on; # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months) -add_header Strict-Transport-Security 'max-age=15768000; includeSubdomains'; +add_header Strict-Transport-Security 'max-age=15768000; includeSubDomains'; # OCSP Stapling: fetch OCSP records from URL in ssl_certificate and cache them # https://github.com/jsha/ocsp-stapling-examples/blob/master/nginx.conf |