Beta Branch acmetool.sh 1.0.28 add OCSP Must Staple Support

eva2000 · May 20, 2017

acmetool.sh 1.0.28 add OCSP Must Staple Support

- optionally add OCSP Must Staple support OCSP Must-Staple when you set in persistent config file /etc/centminmod/custom_config.inc the variable, ACME_MUSTSTAPLE='y' prior to issuing Letsencrypt SSL certificates
- disabled by default, ACME_MUSTSTAPLE='n'

Continue reading...

123.09beta01 branch

Branch: GitHub - centminmod/centminmod at 123.09beta01

Commit History: Commits · centminmod/centminmod · GitHub

eva2000 · May 20, 2017

ssllabs test

rdan · Oct 24, 2018

This flag instructs the browser that the certificate must be served with a valid OCSP response or the browser should hard fail on the connection.
Click to expand...

Scary for critical sites .

eva2000 · Oct 24, 2018

rdan said: ↑

Scary for critical sites .
Click to expand...

and also problematic if you choose to use Nginx + BoringSSL for HTTPS as BoringSSL doesn't support OCSP at all heh

Log in / Register

Forums

Learn about Centmin Mod LEMP Stack today

Beta Branch acmetool.sh 1.0.28 add OCSP Must Staple Support

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

rdan Well-Known Member

eva2000 Administrator Staff Member

.

Log in / Register

Useful Searches

Learn about Centmin Mod LEMP Stack today

Beta Branch acmetool.sh 1.0.28 add OCSP Must Staple Support

eva2000 Administrator Staff Member

eva2000 Administrator Staff Member

rdan Well-Known Member

eva2000 Administrator Staff Member

.