Hi, nobody knows plz ?
On Thu, 9 Jul 2015 13:06:59 +0200, Marc-Antoine <marc-antoine.b...@ovh.net> wrote : > Hi all, > > I have some problem making ocsp stapling working. here is what i did : > > I have 8150.pem with chain, cert and key in it. > > I have 8150.pem.ocsp that seems ok : > > # openssl ocsp -respin 8150.pem.ocsp -text -CAfile alphassl256.chain > OCSP Response Data: > OCSP Response Status: successful (0x0) > Response Type: Basic OCSP Response > Version: 1 (0x0) > Responder Id: 9F10D9EDA5260B71A677124526751E17DC85A62F > Produced At: Jul 9 09:47:04 2015 GMT > Responses: > Certificate ID: > Hash Algorithm: sha1 > Issuer Name Hash: 84D56BF8098BD307B766D8E1EBAD6596AA6B6761 > Issuer Key Hash: F5CDD53C0850F96A4F3AB797DA5683E669D268F7 > Serial Number: 11216784E7CA1813F3AD922B60EAF6428EE0 > Cert Status: good > This Update: Jul 9 09:47:04 2015 GMT > Next Update: Jul 9 21:47:04 2015 GMT > > No error/warn at haproxy launching but not sure haproxy is loading .ocsp file > because no notice in log. > > But nothing in tlsextdebug : > > echo Q | openssl s_client -connect www.beluc.fr:443 -servername www.beluc.fr > -tlsextdebug -status -CApath /etc/ssl/certs > [...] > OCSP response: no response sent > [...] > > Do you see smth wrong ? What can i do in order to debug ? > > Regards, > -- Marc-Antoine