projects
/
chef.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
3b2d91d
)
Try to make apache SSL stapling more robust
author
Tom Hughes
<tom@compton.nu>
Tue, 21 Mar 2017 12:43:17 +0000
(12:43 +0000)
committer
Tom Hughes
<tom@compton.nu>
Tue, 21 Mar 2017 12:43:17 +0000
(12:43 +0000)
cookbooks/apache/templates/default/ssl.erb
patch
|
blob
|
history
diff --git
a/cookbooks/apache/templates/default/ssl.erb
b/cookbooks/apache/templates/default/ssl.erb
index 17ee112b6c9b5ee6915660aa0061794f71fc0809..a703b04c7a518c9e6e241315af11c86adc5033d9 100644
(file)
--- a/
cookbooks/apache/templates/default/ssl.erb
+++ b/
cookbooks/apache/templates/default/ssl.erb
@@
-11,5
+11,7
@@
SSLCertificateChainFile /etc/ssl/certs/letsencrypt.pem
SSLUseStapling On
SSLStaplingResponderTimeout 5
+SSLStaplingErrorCacheTimeout 60
SSLStaplingReturnResponderErrors off
+SSLStaplingFakeTryLater off
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_ocspcache(512000)