erver operators can deliver SCTs by using a special TLS extension (see figure 2). In this case, the CA issues the certificate to the server operator, and the server operator submits the certificate to the log. The log sends the SCT to the server operator, and the server operator uses a TLS extension with type signed_certificate_timestamp to deliver the SCT to the client during the TLS handshake.
Enabling HTTP/2 and CHACHA20_POLY1305 on Nginx
HTTP/2 HTTP/2 (originally named HTTP/2.0) is the second major version of the HTTP network protocol used by the World Wide Web. It is based on SPDY. HTTP/2 was developed by the Hypertext Transfer Protocol working group (httpbis, where bis means…
Install Nginx and PHP-FPM on OS X
Install Nginx via Homebrew $ brew install nginx Adding Nginx to startup routine $ ln -sfv /usr/local/opt/nginx/*.plist /Library/LaunchDaemons/ $ sudo chown root:wheel /Library/LaunchDaemons/homebrew.mxcl.nginx.plist To Start $ launchctl load -w /Library/LaunchDaemons/homebrew.mxcl.nginx.plist or $ sudo nginx To Stop $ launchctl unload -w…
Enabling SPDY and HSTS on Nginx
Also see Enabling SPDY and HSTS on Apache. We should have Nginx up and running with a SSL certificate. Even though it is theoretically possible to run SPDY without SSL, in practice we need SSL to make it work. Make…
- Page 1 of 212