Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
From: Eric Covener <covener@xxxxxxxxx>
Date: Mon, 24 Apr 2023 12:33:41 -0400
In-reply-to: <CAOdFHDXcX9M_binXXHDPotE=YeMT_3VrK337t4kkRX-QYvS_bQ@mail.gmail.com>
Reply-to: users@xxxxxxxxxxxxxxxx

I have added tracing and see that the OCSP is revoked. I guess my question is, if the certificate is revoked, should Apache deny access to the website? Because it is still allowing access even though the OCSP server mentions that it's revoked.

Is there anything in the docs that implies OCSP stapling does anything but staple the OCSP response so the client can see it?

Did it get added as an extension in the handshake or not?

Follow-Ups:
- Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
  - From: Quintin Ash

References:
- OCSP Stapling Configuration Setup
  - From: Quintin Ash
- Re: OCSP Stapling Configuration Setup
  - From: Daniel Ferradal
- Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
  - From: Quintin Ash
- Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
  - From: Daniel Ferradal
- Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
  - From: Quintin Ash

Prev by Date: Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
Next by Date: SSLPassPhraseDialog issue
Previous by thread: Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
Next by thread: Re: Re: [EXTERNAL] Re: [users@httpd] OCSP Stapling Configuration Setup
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]