Hello,
With some experience in F5 and NetScaler world but still new to Nginx I have been tasked with migrating 50+ public URLs to NGINX Plus configured as keepalived HA pair. What would be best SSL configuration to achieve highest security scores from Qaulys SSLLabs or BitSight ? Can someone recommend or share current best SSL config ?

Alos, as for overall design what is an optimal design in such case ?
1. Single keepalived IP with server_name directives or separate IP for each URL ? If separate IPs, do i have to list them in keepalived config ?
2. Is single SSL config file possible to share the same encryption settings across all URLs ?

Obviously my goal here is to achieve high availability with A+ security scores.

Any help will be highly appreciated.
Jay