ops / cfe-nginx-php-fpm · Commits

Commit b17c192ae30d97130b8a7aea9274c852fe995d80

Authored by Earth Ugat
1 parent 1794df18

Bump to v0.4.3. Fix nginx SSL config missing directives.

Inline Side-by-side
Showing 3 changed files with 8 additions and 1 deletions
  1 +## 0.4.3 - 2016-10-06
  2 +### Fixed
  3 +- Missing ssl key and cert clauses in the "catch_all" blocks in the nginx config causes an error during SSL handshake if HTTPS is used.
  4 +
1 ## 0.4.2 - 2016-09-09 5 ## 0.4.2 - 2016-09-09
2 ### Security 6 ### Security
3 - Add proxy and fastcgi directives to prevent HTTPOXY attacks as described [here](https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/ "Mitigate HTTPOXY with Nginx") 7 - Add proxy and fastcgi directives to prevent HTTPOXY attacks as described [here](https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx/ "Mitigate HTTPOXY with Nginx")
@@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com' @@ -4,7 +4,7 @@ maintainer_email 'sysadmin@chromedia.com'
4 license 'Apache License' 4 license 'Apache License'
5 description 'Simplifies setup of Nginx+PHP-FPM in Chromedia.' 5 description 'Simplifies setup of Nginx+PHP-FPM in Chromedia.'
6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md')) 6 long_description IO.read(File.join(File.dirname(__FILE__), 'README.md'))
7 -version '0.4.2' 7 +version '0.4.3'
8 8
9 { 9 {
10 'openssl' => '4.4.0', 10 'openssl' => '4.4.0',
@@ -55,6 +55,9 @@ server { @@ -55,6 +55,9 @@ server {
55 listen 443 default_server; 55 listen 443 default_server;
56 server_name _; 56 server_name _;
57 return 444; 57 return 444;
  58 +
  59 + ssl_certificate <%= @path_crt %>;
  60 + ssl_certificate_key <%= @path_key %>;
58 } 61 }
59 62
60 <% end -%> 63 <% end -%>