-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OCSP Stapling was not working #984
Conversation
… was not working due to the incorrect file extension.
I confirm that due to this (.crt instead of .pem) OCSP stapling does not work with projects like |
@jwilder , @kamermans could you take a look at this ? |
Also, I could swear that there was some verbiage in the README about enabling OCSP stapling, but now I don't see it. Maybe you guys recall seeing it? In any case, we should add a section like this to the README after
|
@kamermans it will make OCSP work out of the box compared to not working at all, It could be the other way around (modifying |
ping @jwilder |
@jwilder again, could you please take a look at this and consider it for merging ? I'm sorry to insist but this is just an incredibly small, six characters change that would just make something work out of the box for It's actually the same person that contributed OCSP support to both |
Thanks @buchdag @kamermans @sydoveton! |
The nginx.tmpl was looking for the chain certificate with the file extension of .crt when in fact the chain certificate has a .pem extension. Adjusted the template to ensure SSL stapling was correctly enabled by detecting the correct file.