server {
  listen       <%= ssl_port %>;
  <% # check to see if ipv6 support exists in the kernel before applying %>
  <% if ipv6_enable && (defined? @ipaddress6) %>
  listen [<%= ipv6_listen_ip %>]:<%= ipv6_listen_port %> <% if @ipv6_listen_options %><%= ipv6_listen_options %><% end %> ipv6only=on;
  <% end %>
  server_name           <%= server_name.join(" ") %>;
  protocol              <%= protocol %>;
  xclient               <%= xclient %>;
  auth_http             <%= auth_http %>;

  ssl on;
  ssl_certificate      <%= ssl_cert %>;
  ssl_certificate_key  <%= ssl_key %>;

  ssl_session_timeout  5m;

  ssl_protocols  SSLv3 TLSv1;
  ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
  ssl_prefer_server_ciphers   on;

}