httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marc Stern" <>
Subject OCSP support added
Date Thu, 23 Sep 2004 11:41:59 GMT
I added support for certificate validation through OCSP, where the OCSP
server URI is contained in the certificate itself (following the X.509
The patch is available on (for 2.0.49, but
most of it is in separate files).

The check is optional.
There is also a parameter to decide if the authentication fails or not when
the server cannot be reached.

The code allows conditional compilation (full code enclosed in #ifdef).

This was developed for the Belgium Government and distributed publicly from
may 2004. No bug has been reported since.

The code supports a proxy, although the option was not added in the config
Another option in the config file could be to use a specified URI in case it
is not present in the certificate.

If you have any remarks about it, just send me an e-mail.
If you want this to be included in new releases, you can vote for it on


View raw message