Felt bad about not including a documentation patch, so here it is.
Changes:
- Clarifies that HAProxy does not fetch OCSP responses. Apache just has a
couple of set-and-forget directives that handle everything for you, so this
was definitely non-obvious to me.
- Removes mention of needing to
Obligatory "I am not a C programmer" and "my first upstream patch" messages.
We had an issue where one of our server certificate issuers was sending us
responses with 20 different single responses included. The serial numbers
in the Certificate IDs were exactly sequential, so I'm guessing they're
2 matches
Mail list logo
