
Added support for proxying with TLSv1.3 encryption.

Open moritzbeck13 opened this issue 2 years ago • 3 comments

After Portainer dropped support for everything but TLSv1.3 in 2.13, it was noticed (https://github.com/portainer/portainer/issues/6902 and https://github.com/portainer/portainer/issues/6900) that NPM seemed to only offer TLSv1.3 for serving, but not for proxying. This makes sense, since the `ssl_protocols` flag is manually set to support TLSv1.2 and TLSv1.3 here, but the respective `proxy_ssl_protocols` flag is unset, meaning it relies on the default NGINX setting, which enables support for TLSv1, TLSv1.1 and TLSv1.2, but not TLSv1.3.

Please note that I was not able to test this and just wanted to get the fix out as fast as possible. Since I included all the older versions that are also in the default settings, unlike the `ssl_protocols` flag, which theoretically drops support for some older versions, the functionality should only be enhanced and there should be no compatibility issues. With regard to the age of some of these older protocols, feel free to change this to exclude support for those, though.

I am not 100% sure about the location for this flag, but I think there is no better place for it. The `ssl_protocols` flag is only imported for HTTPS connections, but since you can also proxy an HTTP server over an HTTPS connection, I think it should be included in the main config.

moritzbeck13 avatar May 10 '22 13:05 moritzbeck13
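
An added example, not part of the pull request or the project's code: a small Python audit that applies the point made in the post above (`ssl_protocols` does not govern the upstream handshake) by flagging every `proxy_pass https://` whose effective `proxy_ssl_protocols` lacks TLSv1.3. The default protocol set is taken from the post and is a parameter; the sample config, host name, and the `parse` and `audit` helpers are constructed for illustration.

```python
import re
# Upstream default as described in the post (assumption; pass your own set).
PAGE_DEFAULT = ("TLSv1", "TLSv1.1", "TLSv1.2")
# Constructed sample config; host names and paths are made up.
SAMPLE = """
http {
  ssl_protocols TLSv1.2 TLSv1.3;  # serving side only
  server { location /a/ { proxy_pass https://portainer:9443; } }
  server {
    proxy_ssl_protocols TLSv1.2 TLSv1.3;
    location /b/ { proxy_pass https://portainer:9443; }
  }
}
"""

def parse(text):
    """Simplified parser (no quoted strings): tree of (name, args, children|None)."""
    tokens = re.findall(r"[{};]|[^\s{};]+", re.sub(r"#[^\n]*", "", text))
    stack, words = [[]], []
    for tok in tokens:
        if tok == ";" and words:
            stack[-1].append((words[0], words[1:], None))
        elif tok == "{":
            block = (words[0] if words else "", words[1:], [])
            stack[-1].append(block)
            stack.append(block[2])
        elif tok == "}":
            stack.pop()
        elif tok != ";":
            words.append(tok)
            continue
        words = []
    return stack[0]

def audit(text, default=PAGE_DEFAULT):
    """List https proxy_pass targets whose effective proxy_ssl_protocols lacks TLSv1.3."""
    findings = []
    def walk(nodes, effective, ctx):
        for name, args, kids in nodes:  # a directive covers its whole block
            if name == "proxy_ssl_protocols" and kids is None:
                effective = tuple(args)
        for name, args, kids in nodes:
            if kids is not None:
                walk(kids, effective, ctx + [" ".join([name] + args)])
            elif name == "proxy_pass" and args and args[0].startswith("https://"):
                if "TLSv1.3" not in effective:
                    findings.append((" > ".join(ctx), args[0], effective))
    walk(parse(text), tuple(default), [])
    return findings
```

On the sample, `audit(SAMPLE)` reports only the `/a/` location, because the second server block sets `proxy_ssl_protocols` explicitly and the location inherits it.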

Very cool idea! It would be interesting if this were a setting in the Web UI, so the user could change it if needed. TLSv1.3 as the default would be good for the future.

kaindlnetwork avatar Aug 25 '22 08:08 kaindlnetwork

Docker Image for build 10 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-2045

Note: ensure you back up your NPM instance before testing this PR image! Especially if this PR contains database changes.

PR is now considered stale. If you want to keep it open, please comment :+1:

github-actions[bot] avatar Feb 17 '24 01:02 github-actions[bot]