diff --git a/bin/apisix b/bin/apisix index 79c00ed25c14..bdda18408bd3 100755 --- a/bin/apisix +++ b/bin/apisix @@ -105,7 +105,6 @@ events { } worker_rlimit_core {* worker_rlimit_core *}; -working_directory /tmp/apisix_cores/; worker_shutdown_timeout 3; diff --git a/conf/config.yaml b/conf/config.yaml index cee95a601019..7cd178da47f4 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -91,8 +91,8 @@ apisix: enable: true enable_http2: true listen_port: 9443 - ssl_protocols: "TLSv1 TLSv1.1 TLSv1.2 TLSv1.3" - ssl_ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA" + ssl_protocols: "TLSv1.2 TLSv1.3" + ssl_ciphers: "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384" key_encrypt_salt: "edd1c9f0985e76a2" # If not set, will save origin ssl key into etcd. # If set this, must be a string of length 16. And it will encrypt ssl key with AES-128-CBC # !!! So do not change it after saving your ssl, it can't decrypt the ssl keys have be saved if you change !! diff --git a/t/APISIX.pm b/t/APISIX.pm index ab50740fe27d..a973143c32d4 100644 --- a/t/APISIX.pm +++ b/t/APISIX.pm @@ -102,7 +102,6 @@ add_block_preprocessor(sub { my $main_config = $block->main_config // <<_EOC_; worker_rlimit_core 500M; -working_directory $apisix_home; env APISIX_PROFILE; _EOC_