Alan Orth 6ccfdb99fa roles/nginx: Enable OCSP stapling ... Reduces round trip time for clients. Note: I am using a certificate chain in the `ssl_certificate' directive, so as I understand it, I don't need to use an explicit trusted intermediate + root CA cert with the `ssl_trusted_certificate' option. See the nginx docs for more[0]. Addresses GitHub Issue #5. Seems to be working, test with: $ openssl s_client -connect mjanja.ch:443 -servername mjanja.ch -tls1 -tlsextdebug -status Look for "OCSP Response" with "Cert Status: good". [0] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_stapling Signed-off-by: Alan Orth <alan.orth@gmail.com>		2014-12-06 23:28:05 +03:00
..
common	roles/common: Add ECDSA public key for noma	2014-10-12 13:25:48 +03:00
mariadb	roles/mariadb: Quote the password in .my.conf template	2014-09-01 12:41:56 +03:00
munin	roles/munin: Fix nginx template	2014-08-28 22:08:32 +03:00
nginx	roles/nginx: Enable OCSP stapling	2014-12-06 23:28:05 +03:00
php5-fpm	roles/php5-fpm: Fix php.ini reconfiguration (pathinfo)	2014-09-14 12:34:44 +03:00