Re: How can I sstart openssl ocsp in secure mode using TLS/SSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 22 September 2017 at 15:08, Salz, Rich via openssl-users <openssl-users@xxxxxxxxxxx> wrote:

Openssl 0.9.8 is old and obsolete and has security issues; you should upgrade.

 

But even if you upgrade, the ocsp command will not listen on HTTPS; that is not supported.



​It's also worth pointing out that CAs are banned from running OCSP servers over HTTPS anyway and it isn't needed since the responses are already signed - http is fine.

Cheers

Rich.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux