On Fri, Jan 27, 2017 at 09:53:25PM +, Bob Beck wrote:
>On Fri, Jan 27, 2017 at 14:12 Michael W. Lucas
> Or a misconfiguration. ? show configs
Configs follow.
# cat /etc/httpd.conf
include "/etc/sites/www3.conf"
include "/etc/sites/www4.conf"
www3.conf:
server "www3.mwlucas.org" {
On Fri, Jan 27, 2017 at 15:23 Stuart Henderson wrote:
> On 2017/01/27 22:09, Bob Beck wrote:
>
> > I think you have more issues than ocsp. if thats the same host you can't
>
> > have two different tls certs on the same ip. and you have them both on
>
> > *443
>
> >
>
> >
On 2017/01/27 22:09, Bob Beck wrote:
> I think you have more issues than ocsp. if thats the same host you can't
> have two different tls certs on the same ip. and you have them both on
> *443
>
> try using a separate ip for each
Wasn't SNI support added to httpd already?
I think you have more issues than ocsp. if thats the same host you can't
have two different tls certs on the same ip. and you have them both on
*443
try using a separate ip for each
On Fri, Jan 27, 2017 at 15:03 Michael W. Lucas
wrote:
> On Fri, Jan 27, 2017 at
On Fri, Jan 27, 2017 at 14:12 Michael W. Lucas
wrote:
> On Fri, Jan 27, 2017 at 02:50:29PM -0500, Michael W. Lucas wrote:
>
> > On Fri, Jan 27, 2017 at 06:49:06PM +, Stuart Henderson wrote:
>
> > > That looks like a web server bug, it shouldn't return a staple
>
On Fri, Jan 27, 2017 at 02:50:29PM -0500, Michael W. Lucas wrote:
> On Fri, Jan 27, 2017 at 06:49:06PM +, Stuart Henderson wrote:
> > That looks like a web server bug, it shouldn't return a staple
> > in that case. What software are you using for that?
>
>
>
> OpenBSD httpd, of course.
On Fri, Jan 27, 2017 at 06:49:06PM +, Stuart Henderson wrote:
> That looks like a web server bug, it shouldn't return a staple
> in that case. What software are you using for that?
OpenBSD httpd, of course. amd64 snapshot downloaded yesterday from
ftp3.usa.openbsd.org.
==ml
--
Michael
On 2017/01/27 13:10, Michael W. Lucas wrote:
> Hi,
>
> Not sure if this is an expected part of OCSP or a bug.
>
> I've configured two TLS sites on one host, one with OCSP stapling
> (www3.mwlucas.org) and one without (www4.mwlucas.org). The OCSP site
> works fine, but the non-OCSP site generates