You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by Thijs Kinkhorst <th...@surfnet.nl> on 2017/02/06 10:28:02 UTC

Re: Configuration of trusted OCSP responder certificates

On 02-01-17 14:17, Thijs Kinkhorst wrote:
> I'd like to enquire about the possibilities to merge the patch to
> support configuring trusted OCSP responder certificates.
> 
> We need this change in order to be able to use OCSP with client
> certificate authentication.
> 
> The patch is in
> https://bz.apache.org/bugzilla/show_bug.cgi?id=46037
> for a few years now and there have been several reports of it working
> without problems; we're also running it for a few years and it works
> fine for us.

Is there anyone who can help me with this? Anything we can do?


Thanks,
Thijs

Re: Configuration of trusted OCSP responder certificates

Posted by Yann Ylavic <yl...@gmail.com>.

On Mon, Feb 6, 2017 at 12:09 PM, Yann Ylavic <yl...@gmail.com> wrote:
> On Mon, Feb 6, 2017 at 11:28 AM, Thijs Kinkhorst
> <th...@surfnet.nl> wrote:
>> On 02-01-17 14:17, Thijs Kinkhorst wrote:
>>> I'd like to enquire about the possibilities to merge the patch to
>>> support configuring trusted OCSP responder certificates.
>>>
>>> We need this change in order to be able to use OCSP with client
>>> certificate authentication.
>>>
>>> The patch is in
>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=46037
>>> for a few years now and there have been several reports of it working
>>> without problems; we're also running it for a few years and it works
>>> fine for us.
>>
>> Is there anyone who can help me with this? Anything we can do?
>
> The patch was committed[1], and is being reviewed (possibly proposed
> for backport to 2.4.x soon).
>
>
> Regards,
> Yann.
>
> [1] http://svn.apache.org/viewvc?r1781575

Sorry, bad link: http://svn.apache.org/r1781575

Re: Configuration of trusted OCSP responder certificates

Posted by Thijs Kinkhorst <th...@surfnet.nl>.

On 06-02-17 12:09, Yann Ylavic wrote:
>> Is there anyone who can help me with this? Anything we can do?
> The patch was committed[1], and is being reviewed (possibly proposed
> for backport to 2.4.x soon).

Great news, I missed that recent change, thanks!


Cheers,
Thijs

Re: Configuration of trusted OCSP responder certificates

Posted by Yann Ylavic <yl...@gmail.com>.

On Mon, Feb 6, 2017 at 11:28 AM, Thijs Kinkhorst
<th...@surfnet.nl> wrote:
> On 02-01-17 14:17, Thijs Kinkhorst wrote:
>> I'd like to enquire about the possibilities to merge the patch to
>> support configuring trusted OCSP responder certificates.
>>
>> We need this change in order to be able to use OCSP with client
>> certificate authentication.
>>
>> The patch is in
>> https://bz.apache.org/bugzilla/show_bug.cgi?id=46037
>> for a few years now and there have been several reports of it working
>> without problems; we're also running it for a few years and it works
>> fine for us.
>
> Is there anyone who can help me with this? Anything we can do?

The patch was committed[1], and is being reviewed (possibly proposed
for backport to 2.4.x soon).


Regards,
Yann.

[1] http://svn.apache.org/viewvc?r1781575