AIUI, support for stapling in NSS is pretty primitive. You are expected to make the OCSP query yourself and use the API to configure the server. On Mar 2, 2016 7:42 AM, "Rob Crittenden" <rcrit...@redhat.com> wrote:
> I don't see a way to implement OCSP stapling on the server side. > > SSL_SetStapledOCSPResponses() is I think what one would use to set the > response in the SSL session but I don't see a way to get the response > from the OCSP handler. At least, I don't see a way without implementing > my own status checker and overriding statusConfig->statusChecker ala > CERT_EnableOCSPChecking(). > > Am I missing something? > > thanks > > rob > -- > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto