diff options
Diffstat (limited to 'docs/conf')
| -rw-r--r-- | docs/conf/extra/httpd-ssl.conf.in | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in index b59fa36b19..7110341f60 100644 --- a/docs/conf/extra/httpd-ssl.conf.in +++ b/docs/conf/extra/httpd-ssl.conf.in @@ -73,6 +73,31 @@ SSLPassPhraseDialog builtin SSLSessionCache "shmcb:ssl_scache(512000)" SSLSessionCacheTimeout 300 +# OCSP Stapling (requires OpenSSL 0.9.8h or later) +# +# This feature is disabled by default and requires at least +# the two directives SSLUseStapling and SSLStaplingCache. +# Refer to the documentation on OCSP Stapling in the SSL/TLS +# How-To for more information. +# +# Enable stapling for all SSL-enabled servers: +#SSLUseStapling On + +# Define a relatively small cache for OCSP Stapling using +# the same mechanism that is used for the SSL session cache +# above. If stapling is used with more than a few certificates, +# the size may need to be increased. (AH01929 will be logged.) +#SSLStaplingCache "shmcb:ssl_stapling(32768)" + +# Override the OCSP responder URL specified in the certificate +#SSLStaplingForceURL http://ocsp.example.com/ + +# Seconds before valid OCSP responses are expired from the cache +#SSLStaplingStandardCacheTimeout 3600 + +# Seconds before invalid OCSP responses are expired from the cache +#SSLStaplingErrorCacheTimeout 600 + ## ## SSL Virtual Host Context ## |