openssl icon indicating copy to clipboard operation
openssl copied to clipboard

Published 20 hours ago verified publisher icon ruby

OCSP stapling support

Open p-mongo opened this issue 4 years ago • 3 comments

We are looking into implementing OCSP stapling support in our application using Ruby and are wondering how to do so/whether this is possible.

I found this SO post giving the steps using openssl: https://stackoverflow.com/questions/9607516/openssl-certificate-revocation-check-in-client-program-using-ocsp-stapling

It mentions using SSL_set_tlsext_status_type and SSL_CTX_set_tlsext_status_cb method, which appear to not be referenced by ruby-openssl code.

Is it possible to implement OCSP stapling using ruby-openssl today? If so, can someone point me to documentation on how to achieve this?

p-mongo avatar Nov 21 '19 20:11 p-mongo

Sorry, I don't have an answer for you, but we'd be happy to receive a PR with documentation and/or expanding the surface area of the Ruby interface to support this use case.

ioquatix avatar Nov 22 '19 01:11 ioquatix

I think that ruby-openssl does not support API to do the OCSP Stapling yet.

thekuwayama avatar Nov 22 '19 01:11 thekuwayama

I am working on implementing OCSP stapling.

p-mongo avatar Aug 27 '20 22:08 p-mongo