I’ve got Certbot 0.31.0 on Ubuntu 18.04 (most recent) w/ Nginx. I’m looking to disable TLS 1.0/1.1 but I’m not sure in which configuration file I should do that.
Can I simply edit /etc/letsencrypt/options-ssl-nginx.conf, even though it says it is managed by Certbot and that my changes will be overwritten? Other posts in the forums seem to indicate that I should edit it directly but the files says NOT to do so. Does Certbot really need /etc/letsencrypt/options-ssl-nginx.conf?
Where am I to edit the TLS configuration so I’m on Mozilla Observator TLS Intermediate configuration? https://ssl-config.mozilla.org/
Also, can we add details like this to the official documentation?