Project

General

Profile

Actions
Copy link

Bug #16195

closed

Remove deprecated OCSP stapling functionality

Added by David Horn 4 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
ACME
Target version:
-
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Affected Version:
All
Affected Plus Version:
25.07
Affected Architecture:
All

Description

Please remove the ui elements and variable handling code for ocsp must-staple in the pfsense acme package.

Including the ocsp must-staple value to "true" causes a fatal error in obtaining / renewing a certificate.

https://letsencrypt.org/2024/12/05/ending-ocsp/

May 7, 2025
Prior to this date we will have added CRL URLs to certificates
On this date we will drop OCSP URLs from certificates
On this date all requests including the OCSP Must Staple extension will fail

Actions
Copy link
 #1

Updated by Jim Pingle 2 months ago

  • Affected Plus Version changed from 25.03 to 25.07
Actions
Copy link
 #2

Updated by Jim Pingle about 1 month ago

  • Subject changed from acme 0.9_1 ocsp must-staple deprecated from let's encrypt to Remove deprecated OCSP stapling functionality
  • Assignee set to Jim Pingle
Actions
Copy link
 #3

Updated by Jim Pingle about 1 month ago

  • Status changed from New to In Progress
Actions
Copy link
 #4

Updated by Jim Pingle about 1 month ago

  • Status changed from In Progress to Resolved
  • % Done changed from 0 to 100

OCSP stapling removed in ACME pkg v1.0

Actions
Copy link

Also available in: Atom PDF