# Common SSL security settings
ssl_session_timeout 5m;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
# ssl_dhparam /etc/ssl/dhparam.pem;

# So the Acme client can use the htdocs method
location /.well-known {
	alias /var/www/html/.well-known;
}