diff --git a/openresty/1.27.1.2-0-1-focal/conf/ssl/root_ssl.conf b/openresty/1.27.1.2-0-1-focal/conf/ssl/root_ssl.conf
new file mode 100644
index 000000000..0fe8653d8
--- /dev/null
+++ b/openresty/1.27.1.2-0-1-focal/conf/ssl/root_ssl.conf
@@ -0,0 +1,8 @@
+ssl_certificate    /usr/local/openresty/nginx/conf/ssl/fullchain.pem;
+ssl_certificate_key    /usr/local/openresty/nginx/conf/ssl/privkey.pem;
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED;
+ssl_prefer_server_ciphers off;
+ssl_session_cache shared:SSL:10m;
+ssl_session_timeout 10m;
+add_header Strict-Transport-Security "max-age=31536000";
\ No newline at end of file