OCSP stapling support is missing for lighttpd #8084
Comments
|
Just for reference. |
|
IMO the whole discussion was derailed so nothing came of it. A prime example of what discouragement does to open source contributions. 🤷♂️ |
|
Sorry, did not find it in open issues... should I close this? I would actually test it... |
|
I guess the TLDR of the whole discussion in that PR was that upstream has a script for it. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
When I want to make use of ACME certificates for dual-use, like for HAproxy sites and OpnSense itself, I want to be able to use OCSP stapling. Currently, OpnSense does not support it.
Describe the solution you like
Lighttpd supports OCSP stapling since 1.4.56:
https://redmine.lighttpd.net/projects/lighttpd/wiki/Docs_SSL#OCSP-Stapling
Once could use "ssl.stapling-file" in the configuration and have a cron job that fetches its content regularly, like described in the docs.
Describe alternatives you considered
Having another non-OCSP-stapling certificate, just for OpnSense.
The text was updated successfully, but these errors were encountered: