wolfssl icon indicating copy to clipboard operation
wolfssl copied to clipboard

Published 20 hours ago verified publisher icon wolfSSL

OCSP stapling with HAProxy as a server

Open vkssv opened this issue 9 months ago • 4 comments

This patch allows to load and validate OCSP response file in DER format, when haproxy starts. This file should be kept at the same path as the using server certificate and *.issuer file (set as ssl crt keyword value at haproxy's bind line):

bind *:1443 ssl crt show_ocsp_server.pem

~/haproxy master$ ls -al show_ocsp_server.pem*
-rw-r--r-- 1 root root 6918 mai   16 19:25 show_ocsp_server.pem
-rw-r--r-- 1 root root 1830 mai   16 19:25 show_ocsp_server.pem.issuer
-rw-r--r-- 1 root root 2281 mai   16 19:25 show_ocsp_server.pem.ocsp

Description

Please describe the scope of the fix or feature addition.

Fixes zd#

Testing

How did you test?

Checklist

  • [ ] added tests
  • [ ] updated/added doxygen
  • [ ] updated appropriate READMEs
  • [ ] Updated manual and documentation

vkssv avatar May 29 '24 16:05 vkssv