From ed312768d23efa249916ec055a80280688849dff Mon Sep 17 00:00:00 2001 From: Andrea Dell'Amico Date: Tue, 3 Apr 2018 11:56:47 +0200 Subject: [PATCH] library/roles/letsencrypt-acmetool-client/defaults/main.yml: disable 'must staple' by default. Our nginx and haproxy are too old for that. --- letsencrypt-acmetool-client/defaults/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/letsencrypt-acmetool-client/defaults/main.yml b/letsencrypt-acmetool-client/defaults/main.yml index 2d7da68..27afa5d 100644 --- a/letsencrypt-acmetool-client/defaults/main.yml +++ b/letsencrypt-acmetool-client/defaults/main.yml @@ -26,7 +26,7 @@ letsencrypt_acme_services_scripts_dir: /usr/lib/acme/hooks letsencrypt_tos_url: 'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf' letsencrypt_acme_agree_tos: true letsencrypt_acme_rsa_key_size: 4096 -letsencrypt_ocsp_must_staple: True +letsencrypt_ocsp_must_staple: False # rsa|ecdsa letsencrypt_acme_key_type: ecdsa letsencrypt_acme_ecdsa_curve: nistp256