ruby / openssl

Provides SSL, TLS and general purpose cryptography.

OCSP stapling support #295

Open p-mongo opened 4 years ago

p-mongo commented 4 years ago

We are looking into implementing OCSP stapling support in our application using Ruby and are wondering how to do so/whether this is possible.

I found this SO post giving the steps using openssl: https://stackoverflow.com/questions/9607516/openssl-certificate-revocation-check-in-client-program-using-ocsp-stapling

It mentions using the SSL_set_tlsext_status_type and SSL_CTX_set_tlsext_status_cb methods, which appear not to be referenced by ruby-openssl code.

Is it possible to implement OCSP stapling using ruby-openssl today? If so, can someone point me to documentation on how to achieve this?

ioquatix commented 4 years ago

Sorry, I don't have an answer for you, but we'd be happy to receive a PR with documentation and/or expanding the surface area of the Ruby interface to support this use case.

thekuwayama commented 4 years ago

I think that ruby-openssl does not support an API to do OCSP stapling yet.

p-mongo commented 4 years ago

I am working on implementing OCSP stapling.