Hi everybody, my name is Andrea Giacobazzi, and
i'm developing a patch for mod_ssl
exactly in function ssl_engine_kernel.c (look at
labels "Giacob") to realize an ocsp responder
to verify client certificate, during client
authentication. It works with LDAP directory v2 and look
for the client cert in the directory: if it's
present set ocsp status GOOD else set ocsp status
SUSPENDED. you can change the dierctory name in
ldapservers var.
Anyone interested on it ? any hints ?
I'd like to realize a complete ocsp responder for ldap, and
also http then, compliant with
IETF directives (see ocsp draft) and maybe include it in
mod_ssl. I'd like also to submit
the activation of ocsp check to the config file of apache
server: how is possible to do that?
Thanks
ssl_engine_kernel.c