All, just to draw your attention to bug #48447. Without it OCSP stapling doesn't work at all unless a port is explicitly stated in URLs. The fix is trivial and uses the same technique as the regular client certificate OCSP code.
Steve. -- Dr Stephen N. Henson. Senior Technical/Cryptography Advisor, Open Source Software Institute: www.oss-institute.org OpenSSL Core team: www.openssl.org
