ansol
/
matrix-docker-ansible-deploy
mirror of https://github.com/spantaleev/matrix-docker-ansible-deploy.git
7
0
Fork 0
Code Issues Projects Releases Wiki Activity

Disable OCSP stapling when self-signed certificates are used 

Fixes https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
This commit is contained in:
Slavi Pantaleev 2021-05-21 08:35:19 +03:00
parent 1ab507349c
commit 9a8a81fdb0
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
group_vars/matrix_servers
View File

@ -1239,6 +1239,11 @@ matrix_nginx_proxy_proxy_matrix_user_directory_search_addr_sans_container: "{{ m
matrix_nginx_proxy_self_check_validate_certificates: "{{ false if matrix_ssl_retrieval_method == 'self-signed' else true }}"
# OCSP stapling does not make sense when self-signed certificates are used.
# See https://github.com/spantaleev/matrix-docker-ansible-deploy/issues/1073
# and https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/1074
matrix_nginx_proxy_ocsp_stapling_enabled: "{{ matrix_ssl_retrieval_method != 'self-signed' }}"
matrix_nginx_proxy_synapse_presence_disabled: "{{ not matrix_synapse_presence_enabled }}"
matrix_nginx_proxy_synapse_workers_enabled: "{{ matrix_synapse_workers_enabled }}"