New blog post: How to Configure OCSP Stapling in Apache and nginx https://sslmate.com/blog/post/ocsp_stapling_in_apache_and_nginx …
-
-
@__agwa@BRIAN_____ Quick! And thanks! Seriously, you're doing great work that I wish more CAs would help {fund, contribute} themselves -
@__agwa@BRIAN_____ There's so many ponies I would wish for with OCSP stapling (basically, what MSFT does with IIS) -
@__agwa@BRIAN_____ background fetching a new response before current has expired, RFC 5019 handling, supporting reverse OCSP proxies for FE -
@sleevi_@BRIAN_____ Yes - background fetching! Apache/nginx's use of the OpenSSL callback to initiate the fetch is so braindead.
End of conversation
New conversation -
-
-
@__agwa@sleevi_@BRIAN_____ a number of things in apache's stapling behaviour are pretty bad, didn't get to write bugs for that yetThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.