Hi,
I just wanted to let yall know that I figured out that its not a problem of me doing something wrong or haproxy doing something wrong its the browsers. I found the answer on this page https://www.aaronpeters.nl/blog/ev-certificates-make-the-web-slow-and-unreli able/ : Chrome always checks revocation status with the CA regardless of the EV certificate being OCSP stapled or not and regardless of Chrome having the certificate and/or a "not revoked" OCSP response in its local cache Best regards, i.A. Thomas Bätzler -- BRINGE Informationstechnik GmbH Zur Seeplatte 12 D-76228 Karlsruhe Germany Fon: +49 721 94246-0 Fon: +49 171 5438457 Fax: +49 721 94246-66 Web: <http://www.bringe.de/> http://www.bringe.de/ Geschäftsführer: Dipl.-Ing. (FH) Martin Bringe Ust.Id: DE812936645, HRB 108943 Mannheim
smime.p7s
Description: S/MIME cryptographic signature
