|
Yep very nice. In mod_status you can see :
Managed Staplings| Domain | Certificate ID | OCSP Status | Stapling Valid | Responder | Activity |
|---|
| domain.com | 3ff13e35fbe9d1ce4bcafbc3fd2ccd6ff5079eca | good | until 2020-04-03 | ocsp.int-x3.letsencrypt.org | Refresh in ~3 days |
Try in global conf:
<MDomain domain.com www.domain.com ......> MDCertificateFile conf/domain.com-chain.pem MDCertificateKeyFile conf/domain.com-key.pem MDStapling on </MDomain>
MDMessageCmd c:/apache24/bin/MDMessageCmd.bat MDNotifyCmd c:/apache24/bin/MDNotifyCmd.bat
And Remove the directives
SSLCertificateFile .....chain.pem SSLCertificateKeyFile ......key.pem
See in the Readme.md the above directives.
The info is stored in MDStoreDir/ocsp On Friday 27/03/2020 at 11:25, Marek Svent wrote: Hi,
From 2.4 changelog I read that from next 2.4 release it's possible to
use mod_md OCSP stapling even for certificates not managed by mod_md.
It's very welcome as there is too many problems with mod_ssl stapling
code. However it's not clear for me how this could be configured.
I have many virtual hosts and none of the certificates is managed by
mod_md. However I'd like to switch to mod_md for stapling, but
continue to control per virtual host whether to staple at all. How do
I configure this?
Also it's unclear where stapling information is stored. MDStoreDir?
Regards,
--
Marek
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
| 