AIUI,  support for stapling in NSS is pretty primitive. You are expected to
make the OCSP query yourself and use the API to configure the server.
On Mar 2, 2016 7:42 AM, "Rob Crittenden" <rcrit...@redhat.com> wrote:

> I don't see a way to implement OCSP stapling on the server side.
>
> SSL_SetStapledOCSPResponses() is I think what one would use to set the
> response in the SSL session but I don't see a way to get the response
> from the OCSP handler. At least, I don't see a way without implementing
> my own status checker and overriding statusConfig->statusChecker ala
> CERT_EnableOCSPChecking().
>
> Am I missing something?
>
> thanks
>
> rob
> --
> dev-tech-crypto mailing list
> dev-tech-crypto@lists.mozilla.org
> https://lists.mozilla.org/listinfo/dev-tech-crypto
>
-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto

Reply via email to