Add ssl_session_tickets directive. (#145)

This commit is contained in:
Philip Henning 2019-07-15 14:41:04 +02:00 committed by Alessandro Fael Garcia
parent 37641fcdf1
commit 2d803f207c
3 changed files with 5 additions and 0 deletions

View File

@ -389,6 +389,7 @@ nginx_http_template:
prefer_server_ciphers: true prefer_server_ciphers: true
session_cache: none session_cache: none
session_timeout: 5m session_timeout: 5m
disable_session_tickets: false
trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt
stapling: true stapling: true
stapling_verify: true stapling_verify: true

View File

@ -201,6 +201,7 @@ nginx_http_template:
prefer_server_ciphers: true prefer_server_ciphers: true
session_cache: none session_cache: none
session_timeout: 5m session_timeout: 5m
disable_session_tickets: false
trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt trusted_cert: /etc/ssl/certs/root_CA_cert_plus_intermediates.crt
stapling: true stapling: true
stapling_verify: true stapling_verify: true

View File

@ -78,6 +78,9 @@ server {
{% if item.value.ssl.session_timeout is defined and item.value.ssl.session_timeout %} {% if item.value.ssl.session_timeout is defined and item.value.ssl.session_timeout %}
ssl_session_timeout {{ item.value.ssl.session_timeout }}; ssl_session_timeout {{ item.value.ssl.session_timeout }};
{% endif %} {% endif %}
{% if item.value.ssl.disable_session_tickets is defined and item.value.ssl.disable_session_tickets %}
ssl_session_tickets off;
{% endif %}
{% if item.value.ssl.stapling is defined and item.value.ssl.stapling %} {% if item.value.ssl.stapling is defined and item.value.ssl.stapling %}
ssl_stapling on; ssl_stapling on;
{% endif %} {% endif %}