Skip to content
Commit f8987930 authored by Marius Cramer's avatar Marius Cramer
Browse files

- added intermediate SSL security profile (see...

- added intermediate SSL security profile (see https://mozilla.github.io/server-side-tls/ssl-config-generator/)
- TODO: admin option to choose between intermediate (default) and modern
parent 0e899eee
  • Da fehlt das Cache Verzeichnis meines Erachtens.

    # OCSP Stapling, only in httpd 2.3.3 and later
        SSLUseStapling          on
        SSLStaplingResponderTimeout 5
        SSLStaplingReturnResponderErrors off
        # On Apache 2.4+, SSLStaplingCache must be set *outside* of the VirtualHost
        SSLStaplingCache        shmcb:/var/run/ocsp(128000)
     
        # Enable this if your want HSTS (recommended)
        # Header add Strict-Transport-Security "max-age=15768000"
     
        ...
    </VirtualHost>
    # TLS Session cache, outside of virtual host, apache 2.4+
    # the path doesn't need to exist
    SSLSessionCache         shmcb:/path/to/ssl_gcache_data(5120000)

    https://wiki.mozilla.org/Security/Server_Side_TLS#Apache

    Wenn ich dieses Template in 3.0.5.4p8 nutze, bekomm ich einen Error 500 und im log wird über das fehlende Cache Verzeichnis geklagt :)

0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment