Hi, Can haproxy be configured to make OCSP requests to an OCSP Responder to check certificate status when authenticating a client? Current support for CRL seems limited in that it’s not realtime and the haproxy process must be reloaded whenever a change in CRL number is detected by an external process. Supporting OCSP Requests for SSL client authentication seems like a better approach.
Cheers, Jason
