httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 50740] Enable OCSP Stapling by default
Date Fri, 24 Jun 2011 13:47:26 GMT

--- Comment #10 from Koichi Sugimoto <> 2011-06-24 13:47:26
UTC ---
Hello Sirs,

I've investigated with Opera 11.11, IE9 and Chrome 12.0.
The OCSP responder is deginated type (see below).
And the OCSP responder is configured to reply only ocsp signing certificate.

IE9 and Opera 11.11 seems to be work correctly with apache 2.3.12-bata.
But Chrome 12.0 requests directly to the OCSP responder, even if apache replies
ocsp response as certificate status.
I do not know whether it is Chrome's bug or some interoperability problem.

Note that the size of ocsp response is > 1K, therefore, we cannot use
socache-dbm (it's too small to chache the ocsp response).

We have to check with other types of ocsp responders.

Koichi Sugimoto.

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message