Grzegorz Kulewski:
Hello,
Is resolver in nginx still needed for OCSP stapling?
I am getting a warning from nginx if resolver is not supplied but at
the same time both Qualys and openssl s_client output suggest OCSP
stapling is working. Strange
There are two options
- let nginx fetch the ocsp response from ca server
- fetch offline and point nginx via ssl_stapling_file to the data
1 require a resolver and serve the first response after restart
without ocsp data
2 require a resolver outside nginx (but not inside), some scripting
and deliver oscp data also at the first response
--
Grzegorz Kulewski
g...@leniwiec.biz
+48 663 92 88 95
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
