Revert "Use default ciphers for default ssl host to prevent confusing browser errors"

jlesage · jlesage · commit 7f8b185e48f9 · 2018-11-26T06:38:24.000-05:00
This reverts commit f987632. This is to make sure the browser doesn't show a certificate warning (for a connection that will be dropped anyway) by breaking the SSL handshake early.
diff --git a/rootfs/etc/nginx/conf.d/default.conf b/rootfs/etc/nginx/conf.d/default.conf
@@ -46,7 +46,7 @@ server {
 
   ssl_certificate /data/nginx/dummycert.pem;
   ssl_certificate_key /data/nginx/dummykey.pem;
-  include conf.d/include/ssl-ciphers.conf;
+  ssl_ciphers aNULL;
 
   return 444;
 }

Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ server {`
`46`	`46`
`47`	`47`	`ssl_certificate /data/nginx/dummycert.pem;`
`48`	`48`	`ssl_certificate_key /data/nginx/dummykey.pem;`
`49`		`- include conf.d/include/ssl-ciphers.conf;`
	`49`	`+ ssl_ciphers aNULL;`
`50`	`50`
`51`	`51`	`return 444;`
`52`	`52`	`}`