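# TLS parameters for nginx, meant to be included from a server { } block that
# has a "listen ... ssl" directive. This snippet sets TLS parameters only;
# HSTS (add_header Strict-Transport-Security ...) belongs in the server block.
# Requires nginx >= 1.19.4 built against OpenSSL >= 1.1.1: ssl_conf_command
# and the TLS 1.3 "Ciphersuites" setting are rejected as unknown on older builds.

# Certificates and private keys.
# Two chains are served from the same server block (nginx >= 1.11.0); the one
# the client's advertised signature algorithms allow is chosen at handshake
# time. ECDSA first (cheaper signatures), RSA for clients without ECDSA support.
# ECDSA
ssl_certificate /etc/letsencrypt/live/ecdsa-EXAMPLE.COM/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/ecdsa-EXAMPLE.COM/privkey.pem;
# RSA
ssl_certificate /etc/letsencrypt/live/rsa-EXAMPLE.COM/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/rsa-EXAMPLE.COM/privkey.pem;

# TLS 1.2 cipher suites: forward-secret (ECDHE/DHE) AEAD suites only, AES-256
# or ChaCha20. SSL Labs "Cipher Strength" scores 100% only when every offered
# suite is AES-256 equivalent, which is why no AES-128 suite is listed.
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;

# TLS 1.3 cipher suites (a separate setting; ssl_ciphers does not apply to TLS 1.3).
# RFC 8446 section 9.1 says a compliant implementation MUST implement
# TLS_AES_128_GCM_SHA256, so it is kept for interoperability. Dropping it (the
# commented variant below) is what SSL Labs wants for a 100% "Cipher Strength"
# score, but the security gain is nil (AES-128-GCM is not a weak cipher) and a
# client that only offers AES-128 for TLS 1.3 would then fail to connect.
ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256;
#ssl_conf_command Ciphersuites TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256;

# ServerPreference: the server's order wins (same effect as
# ssl_prefer_server_ciphers below; both are kept so either mechanism alone is
# enough). PrioritizeChaCha: a client that lists ChaCha20 first -- typically one
# without AES hardware acceleration -- gets ChaCha20 even though AES-256-GCM
# is first in our list.
ssl_conf_command Options ServerPreference,PrioritizeChaCha;
ssl_prefer_server_ciphers on;

# DHE parameters for the DHE-RSA suites above: the RFC 7919 "ffdhe4096" group,
# a published safe prime, rather than a locally generated one. Install with:
#   curl -so /etc/ssl/ffdhe4096.pem https://ssl-config.mozilla.org/ffdhe4096.txt
#   ln -s /etc/ssl/ffdhe4096.pem /etc/nginx/dhparam.pem
# The path is absolute so it does not depend on nginx's configuration prefix
# (a relative "dhparam.pem" is resolved against that prefix).
# NOTE(review): TLS 1.2 has no way for a client to negotiate the DH group size;
# a client that rejects a 4096-bit group and lacks ECDHE cannot connect -- verify
# against the oldest client you need to support.
ssl_dhparam /etc/nginx/dhparam.pem;

# Key-exchange groups for ECDHE (TLS 1.2) and TLS 1.3 key_share.
# SSL Labs "Key Exchange" scores 100% only for groups it rates >= RSA-4096
# equivalent; X25519 is rated about RSA-3072, hence the stricter variant below
# leaves it out. Caveats: X448 is not offered by mainstream browsers, and
# secp256r1 (P-256) is absent altogether, so a client that supports only P-256
# cannot complete the handshake -- a compatibility cost with no meaningful
# security benefit, since X25519 and P-256 both sit at the 128-bit level.
# NOTE(review): putting a group first that clients rarely send a key_share for
# may cost a HelloRetryRequest round trip depending on the OpenSSL version -- confirm.
ssl_ecdh_curve X448:X25519:secp521r1:secp384r1;
#ssl_ecdh_curve X448:secp521r1:secp384r1;

# Protocols: TLS 1.0/1.1 disabled. Order is irrelevant to nginx.
ssl_protocols TLSv1.3 TLSv1.2;

# Session resumption (HTTPS performance).
# Server-side cache shared across worker processes; nginx stores roughly 4000
# sessions per MB, so 10m is about 40000 sessions.
ssl_session_cache shared:SSL:10m;
# Resumption state stays in server memory for up to a day; the shorter this is,
# the smaller the window in which a memory compromise exposes resumable sessions.
ssl_session_timeout 1d;
# No stateless session tickets: nginx generates the ticket key at startup and
# does not rotate it on its own, so a long-lived key would weaken forward
# secrecy for every session resumed with it.
ssl_session_tickets off;

# OCSP stapling.
# nginx needs a "resolver" directive (not part of this snippet) to look up the
# OCSP responder hostname; without one no response is fetched and nothing is
# stapled. With ssl_stapling_verify on, a response that fails verification is
# not stapled (a warning is logged); the TLS handshake itself still succeeds.
# NOTE(review): Let's Encrypt has announced the end of its OCSP service; if the
# issued certificates carry no OCSP URL, stapling silently does nothing -- confirm.
ssl_stapling on;
ssl_stapling_verify on;
# Trust anchors for verifying the OCSP response. ssl_trusted_certificate may be
# given only once, so the chain.pem of both lineages is concatenated:
#   cat /etc/letsencrypt/live/*/chain.pem > /etc/letsencrypt/live/chain.pem
# chain.pem holds the issuing intermediate(s), not the root; that suffices when
# the OCSP response is signed by the issuing CA. Regenerate this file on every
# renewal (e.g. from a certbot deploy hook): if the CA moves to a new
# intermediate, a stale copy makes verification fail and stapling stops.
ssl_trusted_certificate /etc/letsencrypt/live/chain.pem;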