Nginx: Drop OCSP stapling directives.

Let's Encrypt removed OCSP URLs from certificates on 2025-05-07, see https://letsencrypt.org/2024/12/05/ending-ocsp .
author: Guilhem Moulin <guilhem@fripost.org> 2025-08-06 13:54:05 +0200
committer: Guilhem Moulin <guilhem@fripost.org> 2025-08-06 13:54:05 +0200
commit: 4c271d92503aa0b66a59df20ec576cc1622bb14c (patch)
tree: 6bbab65b72319f9b1f3d6762432648881ece62f5 /files
parent: 14ad8f36d990c23dfb67b04c20c21e062ffdf30d (diff)
1 files changed, 0 insertions, 7 deletions
diff --git a/files/etc/nginx/snippets/ssl.conf b/files/etc/nginx/snippets/ssl.conf
index 0bce30a..b86f5e3 100644
--- a/files/etc/nginx/snippets/ssl.conf
+++ b/files/etc/nginx/snippets/ssl.conf
@@ -7,10 +7,3 @@ ssl_dhparam /etc/ssl/dhparams.pem;
 ssl_protocols TLSv1.2 TLSv1.3;
 ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
 ssl_prefer_server_ciphers off;
-
-ssl_stapling on;
-ssl_stapling_verify on;
-
-ssl_trusted_certificate /usr/share/lacme/ca-certificates.crt;
-
-resolver 127.0.0.53;
author	Guilhem Moulin <guilhem@fripost.org>	2025-08-06 13:54:05 +0200
committer	Guilhem Moulin <guilhem@fripost.org>	2025-08-06 13:54:05 +0200
commit	4c271d92503aa0b66a59df20ec576cc1622bb14c (patch)
tree	6bbab65b72319f9b1f3d6762432648881ece62f5 /files
parent	14ad8f36d990c23dfb67b04c20c21e062ffdf30d (diff)