Hello, Our .NET 3.5 application uses the HttpWebRequest class to establish TLS connections to hosted backend services and it does not make use of our Apache web server's stapled response (to confirm whether or not the SSL certificate is valid). The application itself performs client-driven CRL or OCSP calls on its own.
We can't find any information which states whether or not .NET WebClient, HttpClient or HttpWebRequest classes support OCSP stapling configured in Apache server. I confirmed that various web browsers (Edge, Chrome and Firefox) triggered Apache to make calls to the OCSP responder when they hit the Apache page. Since that worked, we are trying to determine why our .NET application accessing the same Apache server does not invoke the OCSP call. Are there any specific settings within .NET or Apache that need to be set? Thank you.
