[cabfpub] OCSP Stapling in Apache and nginx
Gervase Markham
gerv at mozilla.org
Wed Jul 9 09:59:39 UTC 2014
On 08/07/14 18:28, Ben Wilson wrote:
> Also, make sure that your server can make an outbound connection to your
> CA’s OCSP responder(s) by configuring your hosts table, firewall ports,
> etc., and then test for connectivity and retrieval of OCSP responses by
> your server.
We should agitate for them to provide, or submit a patch to provide, an
"apache2ctl ocspfetchcheck" command which does this test and give you
the OK if it works, or some sensible errors if it does not.
Gerv
More information about the Public
mailing list