Jump to content
Froxlor Forum
  • 0
Guest

Feature request: HTTP/2 support (nginx), OCSP stapeling + Optimized TLS

Question

Guest

Hello there,

 

just some ideas...

  • HTTP/2 support for nginx 1.9.5+
  • OCSP stapeling for openssl 1.0.1e+
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Would be nice if those would have a option to enable/disable within the UI.

 

Thanks

Share this post


Link to post
Share on other sites

8 answers to this question

Recommended Posts

  • 0
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Can be done via specialsettings in IP/Port and/or Domain. For the rest: patches / pull-requests are always welcome

Share this post


Link to post
Share on other sites
  • 0

I try to do something with this maybe this time I will have approved commit :P

 

I Use funtoo nginx in gentoo in version 1.9.6 is it but in funtoo not yet we worked with this now is bug FL-2524

If guys from Funtoo bump version or if i send ebuild - i get started working with this

Share this post


Link to post
Share on other sites
  • 0

For Nginx I don't know. But in Apache you can enable it globally. Best in mod_ssl.conf

Have up to now not seen any negative side effects if a domain has a certificate without ocsp url.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now



×