Closed PeterOlausson65 closed 6 years ago
Looking into the code I found out it uses net.klakegg.pkix.ocsp.fetcher.UrlOcspFetcher class, which uses the java.net.HttpURLConnection class. This can be configured with Java properties http.proxyHost and http.proxyPort. After adding those properties the OCSP works with proxy.
I have a problem starting oxalis-inbound-4.0.2.war when placed on a private network behind a proxy. Even though I configure the proxy settings in oxalis.conf, the detection of certificate fails with a connection timeout. I have verified the proxy is working and the certificate I use works when I run on an installation with direct internet access (no proxy). Is there any way to configure the use of proxy for the certificate validation? There is a similar issue https://github.com/difi/oxalis/issues/335 with a provided workaround of removing the OCSP tag in the pki configuration files.