From 973aa601ef77848dbe63df97cd994cd51bcf3747 Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie <jimmy.zelinskie@coreos.com>
Date: Tue, 14 Jul 2015 17:33:57 -0400
Subject: [PATCH] nginx: "temporarily" disable OCSP stapling

---
 conf/nginx.conf | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index 5d3537561..9c652c3a8 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -14,10 +14,12 @@ http {
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_session_cache shared:SSL:10m;
     ssl_session_timeout 5m;
-    ssl_stapling on;
-    ssl_stapling_verify on;
     ssl_prefer_server_ciphers on;
 
+    # TODO: learn wtf OCSP stapling is and do it the right way
+    #ssl_stapling on;
+    #ssl_stapling_verify off;
+
     server {
         include server-base.conf;