Commit 3b62063c authored by Aral Balkan's avatar Aral Balkan
Browse files

Implement OCSP Stapling

For nginx/Let’s Encrypt. Speeds up SSL, improves privacy.
parent 23125585
......@@ -23,6 +23,12 @@ server {
ssl_prefer_server_ciphers on;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
# Implement OCSP Stapling
# (Speed up SSL and improve privacy by not requiring calls to certificate authority)
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/certs/better.fyi/chain.pem;
# --- End of SSL-specific setup ---
# Serve the site from the git repository.
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment