Julien Palard
b2af1120f9
While proofreading the config, and checking if it was up to date according to: - Mozilla recommandations - SSLtest - testssl.sh I spotted an issue in the HSTS header: $ curl -I https://afpy.org [...] Strict-Transport-Security: max-age=63072000; always the `always` part is an nginx config token, not a cookie value. So I simplified the conf so we can more easily copy/paste from Mozilla generator, which obviously removed the bug. |
||
---|---|---|
.. | ||
letsencrypt.conf.j2 |