Complete the code to enable SSL in the server block.
server {
listen 443 ssl;
ssl_certificate [1];
}The ssl_certificate directive specifies the path to the SSL certificate file.
Complete the code to specify the SSL private key file.
server {
listen 443 ssl;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key [1];
}The ssl_certificate_key directive points to the private key file matching the SSL certificate.
Fix the error in the SSL protocol configuration line.
server {
listen 443 ssl;
ssl_protocols [1];
}The ssl_protocols directive should list secure TLS versions like TLSv1.2 and TLSv1.3. Older protocols like SSLv3 are insecure and should be avoided.
Fill both blanks to enable strong ciphers and prefer server ciphers.
server {
listen 443 ssl;
ssl_ciphers [1];
ssl_prefer_server_ciphers [2];
}ssl_ciphers sets strong cipher suites, and ssl_prefer_server_ciphers on; tells Nginx to use server's cipher preference.
Fill all three blanks to configure SSL session cache and timeout.
server {
listen 443 ssl;
ssl_session_cache [1];
ssl_session_timeout [2];
ssl_session_tickets [3];
}ssl_session_cache shared:SSL:10m; enables shared cache for SSL sessions, ssl_session_timeout 5m; sets session timeout to 5 minutes, and ssl_session_tickets off; disables session tickets for better security.