Maintain TLS v1.2 compatibility (might want to drop this later) and add support for TLS v1.3
@@ -19,7 +19,7 @@ server {
listen [::]:443 ssl http2;
server_name example.com;
- ssl_protocols TLSv1.2;
+ ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!MEDIUM:!LOW:!aNULL:!NULL:!SHA;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;