mod-ssl should support OCSP Stapling
Bug #437512 reported by
Nick Barcet
This bug affects 2 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
Binary package hint: apache
Apache Mod-SSL recently got a new feature called OCSP Stapling, which proxies/caches OCSP responses for certificates through TLS. Opera currently delays every website for 15 seconds, that does not support OCSP stapling yet.
A patch for to support this is available at:
https:/
This patch would also makes running a CA much easier, since it takes away a lot of load and bandwidth from the OCSP and CRL servers due to the caching
To post a comment you must log in.
Thank you for opening this bug and helping make Ubuntu better. I am marking this bug Confirmed/WishList -- I am still to look at the changelist, and find out if this change landed on Lucid or not. But yes, it might reduce traffic a lot for OCSP.