Feature request: HTTP/2 support (nginx), OCSP stapeling + Optimized TLS

October 13, 2015

Hello there,

just some ideas...

Would be nice if those would have a option to enable/disable within the UI.

Thanks

d00p · October 13, 2015

HSTS (HTTP Strict Transport Security) headers

SSL/TLS Session Cache and Timeouts

SSL/TLS Prefer Server Ciphers

Can be done via specialsettings in IP/Port and/or Domain. For the rest: patches / pull-requests are always welcome

Tomasz Czauderna · November 23, 2015

The ngx_http_v2_module module (1.9.5) provides support for HTTP/2 and supersedes the ngx_http_spdy_module module.

All sugestions about implenent spdy was rejected or close on redmine

d00p · November 25, 2015

And again, patches and/or pull-requests on github are welcome

Tomasz Czauderna · November 25, 2015

I try to do something with this maybe this time I will have approved commit

I Use funtoo nginx in gentoo in version 1.9.6 is it but in funtoo not yet we worked with this now is bug FL-2524

If guys from Funtoo bump version or if i send ebuild - i get started working with this

d00p · November 25, 2015

If you're a Gentoo/Funtoo guy - download tarball and compile yourself?!

Tomasz Czauderna · November 25, 2015

i don't do that anymore...

To many times i lost time to rapier system portage dependence.

And I don't like mixin overlays this slow down portage.

ebuild have only 600 lines not too much

Step by step

Tomasz Czauderna · December 2, 2015

Private overlay with nginx is done.

little steps

lsbbs · June 3, 2016

For Nginx I don't know. But in Apache you can enable it globally. Best in mod_ssl.conf

Have up to now not seen any negative side effects if a domain has a certificate without ocsp url.

Question