Forward Secrecy - B Rating SSL Test with seafile docker image and Letsencrypt activated

Dear Seafile Community,

i recently made the ssllabs ssl test from qualys (https://www.ssllabs.com/ssltest/) for my seafile instance and got a B Rating. Thats only due to the fact that forward secrecy is not enabled. Please could you adjust this and implement it within the next docker image? Its really odd to miss the A grade due to this setting.

I am using the latest seafile docker image with the automated letsencrypt certificates directly from the docker image.

SEAFILE_VERSION: 6.3.13
SEAFILE_SERVER: seafile-pro-server

best regards and thanks in advance
satheras

Can’t you adjust it yourself in docker Nginx?
I don’t use docker but in my Ubuntu I setup Nginx how I like and got A grade

yes, i could do that but what is the purpose of the docker container from seafileltd then? I could also do the letsencrypt automation or the proxying in a different way. But the developers made a complete setup (OS, base config, nginx, letsencrypt, etc.) within the official docker image.

From my point of view it would make sense to have everything in one place - like i strongly believe the developers intended in first place.

thanks in advance

I remember having some “hard” Nginx settings that some older phone didn’t work.
Maybe they wanted to have a balanced config between security and usability.

Some other gut could have complained that he has a docker with A grade security but some phones are not workings. There is no perfect config for all conditions and I believe that as a admin you should be able to tweak and trouble shoot your server in your environment yourself