SSL Configurations

1.) Create a “ssl.conf” file

  • On Windows, under <Installation Directory>\nginx\
Copy
  • On Linux, under /etc/ometascan/nginx.d/
Copy

2.) A restart of the “OPSWAT Metadefender Core” service is required.

Advanced SSL configurations

1.) Explicitly allow specific TLS versions, optionally with preferred ciphers. For example:

Copy

2.) Use SSL private key and(or) certificate which is encrypted with a passphrase. Strongly recommended to put the passphrase file(s) into a secured vault where only MetaDefender Core can access.

A reference for typical practice: https://www.nginx.com/blog/protecting-ssl-private-keys-nginx-hashicorp-vault/

Copy

For more SSL-options please consult Nginx documentation.

Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
Next to read:
Origin Client Source Identification
On This Page
SSL ConfigurationsAdvanced SSL configurations