Hi, for the GNU Wget2 GSOC project we needed the ability to test OCSP stapling. I created an MR at Gitlab: https://gitlab.com/libmicrohttpd/libmicrohttpd/merge_requests/1.
Writing a test for this is a bit more work. It includes a valid CA cert+key, a derived server cert. Additionally you need an OCSP responder working with these certs and a client generate a OCSP request and the ability to save the OCSP response. This response in turn is then used by the test (MHD server side sends it to the client). GnuTLS has currently no API or tool to work as OCSP responder, so we have to fallback to 'openssl ocsp' tool for this part. I suggest our student Kumar first writes a shell script to generate all the needed files. With that we'll generate and add the DER/PEM blobs plus the test to a second commit. Meanwhile you could comment on the MR above. Regards, Tim
signature.asc
Description: OpenPGP digital signature
