https://issues.apache.org/bugzilla/show_bug.cgi?id=54357
--- Comment #16 from Alex Bligh <[email protected]> --- Kaspar, Thanks for this. I thought about moving to a global ssl stapling info hash. My concern about doing this was two fold. 1. Does the OCSP somehow requires a state per vhost - for instance what happens if 2 sites have a different stapling_force_url for the same certificate? As SSLStaplingForceURL is a vhost ctx directive, wouldn't this introduce a back compatibility problem? 2. Does this work with apache's threading model without further mutexes? Do I then need to worry about concurrent accesses to the stapling info in a way I didn't before? 3. If I make this change, presumably the check for ""ssl_stapling_init_cert: certificate already initialized!"" should go. Mainly because of (1), I'm tempted to do this without the change in scope of the stapling info (i.e. to keep it at a vhost level). Does that make sense? Alex -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
