sozu icon indicating copy to clipboard operation
sozu copied to clipboard

Published 20 hours ago verified publisher icon sozu-proxy

Support OCSP stapling

Open Geal opened this issue 7 years ago • 1 comments

certificate revocation information can be obtained through the OCSP protocol, but this is typically dangerous for production deployments if it blocks the TLS handshake. Now it's possible to predownload the revocation information and store it in the server, and serve it with he handshake.

Geal avatar Jul 11 '17 08:07 Geal

we can use the futures executor in the main process to download OCSP info for each certificate, then dispatch that to the workers

Geal avatar Jul 29 '21 10:07 Geal