From 8f83310022eb4142610eb972fa973922f6540466 Mon Sep 17 00:00:00 2001
From: Jakub Onderka <ahoj@jakubonderka.cz>
Date: Wed, 7 Aug 2019 17:44:43 +0200
Subject: [PATCH] nginx: Remove TLSv1.1 support

Signed-off-by: Jakub Onderka <jakub.onderka@gmail.com>
---
 make/photon/prepare/templates/nginx/nginx.https.conf.jinja | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja
index b497fb5ec..29b76c37a 100644
--- a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja
+++ b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja
@@ -39,7 +39,7 @@ http {
     ssl_certificate_key {{ssl_cert_key}};
   
     # Recommendations from https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-    ssl_protocols TLSv1.1 TLSv1.2;
+    ssl_protocols TLSv1.2;
     ssl_ciphers '!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES:';
     ssl_prefer_server_ciphers on;
     ssl_session_cache shared:SSL:10m;