source: mod_gnutls/test/tests/37_TLS_reverse_proxy_resume_session/backend.conf @ 8d0efdc

Last change on this file since 8d0efdc was 8d0efdc, checked in by Fiona Klute <fiona.klute@…>, 8 months ago

Disable session tickets by default

After learning that the GnuTLS key "rotation" scheme never actually
changes the primary key I'm disabling session tickets by default,
because I cannot ensure everyone will reload their servers to replace
the keys. I hope to eventually implement a real key rotation and
enable tickets by default again.

  • Property mode set to 100644
File size: 360 bytes
1Include ${PWD}/proxy_backend.conf
2GnuTLSSessionTickets on
4<VirtualHost _default_:${BACKEND_PORT}>
5    ServerName   ${BACKEND_HOST}
6    # force an new (resumed if possible) session for each request
7    KeepAlive    Off
8    GnuTLSEnable On
9    GnuTLSCertificateFile authority/server/x509.pem
10    GnuTLSKeyFile         authority/server/secret.key
Note: See TracBrowser for help on using the repository browser.