httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 50740] Enable OCSP Stapling by default
Date Mon, 13 Jun 2011 09:37:51 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=50740

--- Comment #8 from Rob Stradling <rob@comodo.com> 2011-06-13 09:37:51 UTC ---
(In reply to comment #2)
> Does it work?   Does the caching work?  I'd like to see results of people
> testing the code in anger before inflicting it on the masses.

Comodo have setup a test server with OCSP stapling enabled:
https://httpd-2.3-dev.comodoca.com

All seems well.  IE and Opera connect without displaying any warnings.

To confirm that Opera actually recognizes and uses the stapled OCSP Response, I
edited my /etc/hosts file to block access to the OCSP Responder
(ocsp.comodoca.com).  Navigating to the URL above proceeded without error,
whereas navigating to a different server that doesn't have OCSP stapling
enabled caused Opera to complain that the OCSP Responder was unreachable.

Our OCSP Responder software is an in-house Apache C module.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message