ISSUE MIGRATED FROM https://gitlab.com/aegir/hosting_https/issues/26 (see #2934484: Move back issue management to D.o)
See Security Certificate Revocation Awareness: The case for “OCSP Must-Staple” for background.
On Nginx at least, this is simply adding a couple of lines to the site config:
ssl_stapling on;
ssl_stapling_verify on;
For Apache this looks like:
SSLUseStapling on
and 'SSLSessionCache' set to something.
docs: http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslusestapling
I assume this would vary per certificate service ... e.g. self-signed would not benefit here ;)
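To confirm a staple is actually being served once the directives above are in place, this added example (not part of the original issue or the hosting_https code) classifies the output of `openssl s_client -status`. The sample outputs are constructed, and `stapling_status`, the `sample_*` functions and `example.org` are hypothetical names.

```shell
#!/bin/sh
# Added example: classify the stapling section of `openssl s_client -status` output.
# Live use (example.org is a placeholder host):
#   openssl s_client -connect example.org:443 -servername example.org -status \
#       </dev/null 2>/dev/null | stapling_status

stapling_status() {  # hypothetical helper name
    # Reads s_client output on stdin and prints a one-word verdict.
    awk '
        /OCSP response: no response sent/ { none = 1 }
        /OCSP Response Status:/           { status = $4 }
        /Cert Status:/                    { cert = $3 }
        END {
            if (status == "")           { print (none ? "not-stapled" : "unknown"); exit }
            if (status != "successful") { print "responder-error"; exit }
            print "stapled-" (cert == "" ? "unknown" : cert)
        }'
}

# Constructed sample: server with stapling enabled and a valid staple.
sample_stapled() {
    cat <<'EOF'
CONNECTED(00000003)
OCSP response:
======================================
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Response Type: Basic OCSP Response
    Cert Status: good
======================================
EOF
}

# Constructed sample: server that sends no staple.
sample_unstapled() {
    cat <<'EOF'
CONNECTED(00000003)
OCSP response: no response sent
EOF
}

for s in sample_stapled sample_unstapled; do
    printf '%s: %s\n' "$s" "$("$s" | stapling_status)"
done
```

Nginx fetches the OCSP response lazily, so the first handshake after a reload can report not-stapled; repeat the check before concluding stapling is off.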