search

jxskiss / simplessl

On the fly SSL certificate issue and renewal inside OpenResty with Let's Encrypt
MIT License
45 stars 13 forks source link

Update dependencies and fix OCSP stapling #6

Closed cedricdubois closed 2 years ago

cedricdubois commented 2 years ago

Hi

This PR fixes two things:

  1. It updates dependencies for golang.org/x/crypto so the correct certificate chain is included in the LE certs (older versions included the expired certificates)
  2. Fixes OCSP stapling which failed because the wrong certificate was selected as issuer certificate.

Tested these changes and works as expected.

Please let me know if this needs changes.

Thanks!

Kind regards, Cedric

jxskiss commented 2 years ago

Thanks much for you contribution! I will look at it soon.