Jump to content
Froxlor Forum
  • 0

Feature request: HTTP/2 support (nginx), OCSP stapeling + Optimized TLS


Guest

Question

Posted

Hello there,

 

just some ideas...

  • HTTP/2 support for nginx 1.9.5+
  • OCSP stapeling for openssl 1.0.1e+
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Would be nice if those would have a option to enable/disable within the UI.

 

Thanks

8 answers to this question

Recommended Posts

Posted
  • HSTS (HTTP Strict Transport Security) headers
  • SSL/TLS Session Cache and Timeouts
  • SSL/TLS Prefer Server Ciphers

 

Can be done via specialsettings in IP/Port and/or Domain. For the rest: patches / pull-requests are always welcome

Posted

I try to do something with this maybe this time I will have approved commit :P

 

I Use funtoo nginx in gentoo in version 1.9.6 is it but in funtoo not yet we worked with this now is bug FL-2524

If guys from Funtoo bump version or if i send ebuild - i get started working with this

Posted

For Nginx I don't know. But in Apache you can enable it globally. Best in mod_ssl.conf

Have up to now not seen any negative side effects if a domain has a certificate without ocsp url.

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...