On 03/12/17 07:45, Torsten Tributh via Exim-users wrote: >> Under OpenSSL current versions it will not be possible >> thanks to the SSL_get_certificate() bug. >> >> I'm afraid this won't be fixed for 4.90. >> > It's sad to hear. Does the bug in OpenSSL still exists in OpenSSL 1.1.0?
Yes. > I am not sure if nginx found a way to handle it. > It seems that also with multiple certificates the OCSP stapling works > there correct. > They use of course a complete different way to make their stapling > compared to exim. > Maybe this could be a hint for a possible solution. I was going by the suggested implementation method in the OpenSSL man pages. Perhaps nginx has found an alternate route. Perhaps you could investigate their code? -- Cheers, Jeremy -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
