On Thu, Apr 11, 2019, at 15:49, erikssonfili...@gmail.com wrote:
> Using Go's standard TLS library this does not seem possible, as
> tls.Dial does not seem to do any OCSP checking. Another possible
> workaround would be to fetch the server certificate without
> performing a handshake, then check
Hi,
I am required to, using Go, as a client do OCSP revocation checking of
server certificate before completing a TLS handshake, i.e [initiate
handshake -> get server cert -> check revocation status -> if revoked
abort], and not [initiate handshake -> complete handshake -> check
revocation
