Project

General

Profile

Actions
Copy link

Feature #8299

closed

acme: ocsp must-staple

Added by Idar Lund about 6 years ago. Updated almost 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
ACME
Target version:
-
Start date:
01/29/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:

Description

The acme.sh client supports ocsp must-staple;
if [ "$Le_OCSP_Staple" ] || [ "$Le_OCSP_Stable" ]; then
_savedomainconf Le_OCSP_Staple "$Le_OCSP_Staple"
_cleardomainconf Le_OCSP_Stable
printf -- "\nbasicConstraints = CA:FALSE\n1.3.6.1.5.5.7.1.24=DER:30:03:02:01:05" >>"$csrconf"
fi

with the "--ocsp-must-staple" or "--ocsp" flags;
--ocsp-must-staple | --ocsp)
Le_OCSP_Staple="1"
;;

Please add support for this option in acme_certificates_edit.php

To learn more about ocsp must-staple, please read https://scotthelme.co.uk/ocsp-must-staple/

Actions
Copy link
 #1

Updated by Jim Pingle about 6 years ago

  • Project changed from pfSense to pfSense Packages
  • Category changed from Certificates to ACME
  • Assignee set to Jim Pingle
Actions
Copy link
 #2

Updated by Jim Pingle almost 6 years ago

  • Status changed from New to Resolved

This is in the package and working OK now

Actions
Copy link

Also available in: Atom PDF