mirror of
https://github.com/caddyserver/caddy.git
synced 2024-12-16 21:56:40 -05:00
httpcaddyfile: Disabling OCSP stapling for both managed and unmanaged (#4589)
This commit is contained in:
parent
ff137d17d0
commit
26d633baf8
2 changed files with 10 additions and 2 deletions
|
@ -301,6 +301,11 @@ func (st ServerType) buildTLSApp(
|
|||
tlsApp.Automation.RenewCheckInterval = renewCheckInterval
|
||||
}
|
||||
|
||||
// set whether OCSP stapling should be disabled for manually-managed certificates
|
||||
if ocspConfig, ok := options["ocsp_stapling"].(certmagic.OCSPConfig); ok {
|
||||
tlsApp.DisableOCSPStapling = ocspConfig.DisableStapling
|
||||
}
|
||||
|
||||
// if any hostnames appear on the same server block as a key with
|
||||
// no host, they will not be used with route matchers because the
|
||||
// hostless key matches all hosts, therefore, it wouldn't be
|
||||
|
|
|
@ -10,6 +10,7 @@
|
|||
}
|
||||
acme_ca https://example.com
|
||||
acme_ca_root /path/to/ca.crt
|
||||
ocsp_stapling off
|
||||
|
||||
email test@example.com
|
||||
admin off
|
||||
|
@ -61,7 +62,8 @@
|
|||
"module": "internal"
|
||||
}
|
||||
],
|
||||
"key_type": "ed25519"
|
||||
"key_type": "ed25519",
|
||||
"disable_ocsp_stapling": true
|
||||
}
|
||||
],
|
||||
"on_demand": {
|
||||
|
@ -71,7 +73,8 @@
|
|||
},
|
||||
"ask": "https://example.com"
|
||||
}
|
||||
}
|
||||
},
|
||||
"disable_ocsp_stapling": true
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue