Disable OCSP stapling when self-signed certificates are used
Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
This commit is contained in:
parent
1ab507349c
commit
9a8a81fdb0
@ -1239,6 +1239,11 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ m
|
|||||||
|
|
||||||
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
|
||||||
|
|
||||||
|
# OCSP stapling does not make sense when self-signed certificates are used.
|
||||||
|
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
|
||||||
|
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1074
|
||||||
|
matrix_nginx_proxy_ocsp_stapling_enabled: "{{ matrix_ssl_retrieval_method != 'self-signed' }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_synapse_presence_disabled: "{{ not matrix_synapse_presence_enabled }}"
|
matrix_nginx_proxy_synapse_presence_disabled: "{{ not matrix_synapse_presence_enabled }}"
|
||||||
|
|
||||||
matrix_nginx_proxy_synapse_workers_enabled: "{{ matrix_synapse_workers_enabled }}"
|
matrix_nginx_proxy_synapse_workers_enabled: "{{ matrix_synapse_workers_enabled }}"
|
||||||
|
Loading…
Reference in New Issue
Block a user