Changeset 2713 for trunk


Ignore:
Timestamp:
Jul 16, 2015, 9:59:21 PM (7 years ago)
Author:
andersk
Message:
Enable OCSP stapling

No particular security benefit since we don’t have OCSP Must-Staple
yet, but this apparently reduces latency in Firefox and IE, which do
OCSP lookups by default in the absence of stapled responses.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/server/fedora/config/etc/httpd/conf/httpd.conf

    r2635 r2713  
    330330    SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
    331331    SSLSessionCacheTimeout 28800
     332    SSLStaplingCache shmcb:/var/cache/mod_ssl/ocspcache(512000)
     333    SSLUseStapling on
    332334    SSLRandomSeed startup file:/dev/urandom 256
    333335    SSLRandomSeed connect builtin
Note: See TracChangeset for help on using the changeset viewer.