heuzef
/
lesspass
mirror of https://github.com/lesspass/lesspass.git
1
0
Fork 0
Code Issues 0 Releases 67 Wiki Activity
Browse Source

Enable Apache OCSP stapling (#569) 

This will speed up the website loading, and make the website more
reliable to the users when the client fails to connect to the CA for an
OCSP response.

Reference:
- https://en.wikipedia.org/wiki/OCSP_stapling
pull/571/head
Peter Dave Hello 4 years ago
committed by GitHub
parent
cc7bac7c9b
commit
2a7c018dc9
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +4
    -4
      containers/webserver/httpd-ssl.conf

+ 4
- 4
containers/webserver/httpd-ssl.conf View File

@@ -100,19 +100,19 @@ SSLSessionCacheTimeout 300
# How-To for more information.
#
# Enable stapling for all SSL-enabled servers:
#SSLUseStapling On
SSLUseStapling On

# Define a relatively small cache for OCSP Stapling using
# the same mechanism that is used for the SSL session cache
# above. If stapling is used with more than a few certificates,
# the size may need to be increased. (AH01929 will be logged.)
#SSLStaplingCache "shmcb:/usr/local/apache2/logs/ssl_stapling(32768)"
SSLStaplingCache "shmcb:/usr/local/apache2/logs/ssl_stapling(32768)"

# Seconds before valid OCSP responses are expired from the cache
#SSLStaplingStandardCacheTimeout 3600
SSLStaplingStandardCacheTimeout 3600

# Seconds before invalid OCSP responses are expired from the cache
#SSLStaplingErrorCacheTimeout 600
SSLStaplingErrorCacheTimeout 600

Protocols h2 h2c http/1.1



Write Preview
Loading…
Cancel
Save