Jump to content
Froxlor Forum
  • 0
Guest

Feature request: HTTP/2 support (nginx), OCSP stapeling + Optimized TLS

Question

Guest

Hello there,

 

just some ideas...

  • HTTP/2 support for nginx 1.9.5+
  • OCSP stapeling for openssl 1.0.1e+
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Would be nice if those would have a option to enable/disable within the UI.

 

Thanks

Share this post


Link to post
Share on other sites

8 answers to this question

Recommended Posts

  • 0
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Can be done via specialsettings in IP/Port and/or Domain. For the rest: patches / pull-requests are always welcome

Share this post


Link to post
Share on other sites
  • 0

I try to do something with this maybe this time I will have approved commit :P

 

I Use funtoo nginx in gentoo in version 1.9.6 is it but in funtoo not yet we worked with this now is bug FL-2524

If guys from Funtoo bump version or if i send ebuild - i get started working with this

Share this post


Link to post
Share on other sites
  • 0

For Nginx I don't know. But in Apache you can enable it globally. Best in mod_ssl.conf

Have up to now not seen any negative side effects if a domain has a certificate without ocsp url.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Answer this question...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...





×
×
  • Create New...