-
Add support for OCSP stapling, also known as status_request from [RFC 6066](http://tools.ietf.org/html/rfc6066) and the newer multiple certificate status request from [RFC 6961](http://tools.ietf.org/…
-
### Is your feature request related to a problem? Please describe
I'm lately using Fedora's Atomic distros (silverblue, kinoite, coreos etc) due to their predictable base systems being rock stable. T…
-
While the RFC 6961/6066 CertificateStatus message is only defined for server certificates, the new formulation for TLS 1.3 where the staple is sent in the "status_request" extension body in the certif…
kaduk updated
4 months ago
-
Description here: https://wiki.mozilla.org/Security/Server_Side_TLS#OSCP_Stapling
nginx snippet (https://mozilla.github.io/server-side-tls/ssl-config-generator/):
```
# OCSP Stapling ---
…
-
After https://github.com/rustls/rustls-platform-verifier/pull/50 lands we should be able to enable the stapled OCSP test in the real world verification test suite: https://github.com/rustls/rustls-pla…
cpu updated
10 months ago
-
Add support for the Must-Staple part of the X.509 Feature Extension (RFC 7633) to the validator, such that a certificate will fail validation if a valid OCSP response isn't provided in the call.
-
Hi guys,
Today I see use okhttp to call the URL get this errors: connectjavax.net.ssl.SSLHandshakeException: Chain validation failed
But there is no problem accessing it using a browser.
After a …
-
Slide 1: Food for Thought!
How does climate change impact global food security?
2. **Reduced crop yields**: Rising temperatures and changing weather patterns lower the yields of key staple crops …
-
- [x] Uptime monitoring
- [ ] CPU monitoring
- [ ] database monitoring
-
It would be great to support ocsp stapling in the haproxy router.
AFAICT it needs two things
- a loop that gets the ocsp response to serve,
- either a call to haproxy's unix socket with the response,…