> Am 12.11.2025 um 18:56 schrieb Joe Orton <[email protected]>:
>
> On Wed, Sep 03, 2025 at 05:49:38PM +0200, Stefan Eissing via dev wrote:
>> https://docs.digicert.com/en/whats-new/change-log/certcentral-change-log.html#digicert-ending-support-for-http-1-0-connections-for-ocsp-and-crl-certificate-status-verification-checks-619426
>>
>> On rather short notice, they switch off HTTP/1.0 in their OCSP
>> responder. That means our implementation of stapling in mod_ssl will
>> no longer work, I assume.
>
> Did they change what was proposed here? The wording on this page now
> reads:
>
> "Verify every client, agent, and integration that communicates with
> DigiCert OCSP and CRL services uses HTTP/1.0 with a proper Host header
> or HTTP/1.1 or HTTP/1.2."
>
> ... which the mod_ssl client does do, so we should be fine.
Seems the updated. Probably got some feedback on the original proposal.
>
> Regards, Joe
>
