diff options
| author | Julien Vehent <jvehent@users.noreply.github.com> | 2015-11-19 09:02:08 -0500 |
|---|---|---|
| committer | Julien Vehent <jvehent@users.noreply.github.com> | 2015-11-19 09:02:08 -0500 |
| commit | ad4401211f2c57afe76535973bcc0db7441643b7 (patch) | |
| tree | 704419f036fa0d35e47a5140b3654def347d73ee | |
| parent | c2423b19b308e7f4f85f8ac8073efa7fc436c567 (diff) | |
| parent | 19ff6d977d49a8d8dc72d0798758743e34d145e4 (diff) | |
| download | server-side-tls-ad4401211f2c57afe76535973bcc0db7441643b7.zip server-side-tls-ad4401211f2c57afe76535973bcc0db7441643b7.tar.gz server-side-tls-ad4401211f2c57afe76535973bcc0db7441643b7.tar.bz2 | |
Merge pull request #103 from vthriller/master
nginx: ssl_session_tickets appeared first in 1.5.9
| -rw-r--r-- | ssl-config-generator/index.html | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ssl-config-generator/index.html b/ssl-config-generator/index.html index 924e05e..2502cb7 100644 --- a/ssl-config-generator/index.html +++ b/ssl-config-generator/index.html @@ -54,7 +54,7 @@ server { ssl_certificate_key /path/to/private_key; ssl_session_timeout 1d; ssl_session_cache shared:SSL:50m; - ssl_session_tickets off; +{{sslSessionTickets}} {{dhparam}} # {{securityProfile}} configuration. tweak to your needs. @@ -339,6 +339,9 @@ $SERVER["socket"] == ":443" { data.listen = ' listen 443;' + '\n' + ' ssl on;'; } + if (isOpenSSLSemVer(data.opensslVersion, ">=0.9.8f") && isSemVer(data.serverVersion, '>=1.5.9')) { + data.sslSessionTickets = ' ssl_session_tickets off;' + } break; case "apache": // http://httpd.apache.org/docs/current/mod/mod_ssl.html |