Summary: | OCSP Stapling does not resolve DNS | ||
---|---|---|---|
Product: | Apache httpd-2 | Reporter: | Paul <paul.necsoiu> |
Component: | mod_ssl | Assignee: | Apache HTTPD Bugs Mailing List <bugs> |
Status: | RESOLVED WORKSFORME | ||
Severity: | critical | CC: | cbarbara, not.waf, szg0000, toscano.luca |
Priority: | P2 | ||
Version: | 2.4.18 | ||
Target Milestone: | --- | ||
Hardware: | PC | ||
OS: | Linux |
Description
Paul
2016-01-08 15:01:37 UTC
Hi Paul, sorry for the delay. If you still haven't resolved the issue, can you try setting the loglevel to debug (https://httpd.apache.org/docs/2.4/mod/core.html#loglevel) to see the result of this log? /* establish a connection to the OCSP responder */ ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c, APLOGNO(01973) "connecting to %s '%s'", proxy_uri ? "proxy" : "OCSP responder", uri->hostinfo); As far as I can see the cafe.ro should be resolved, and in case of failure you should have found an error like the following in your logs: if (rv) { ap_log_cerror(APLOG_MARK, APLOG_ERR, rv, c, APLOGNO(01972) "could not resolve address of %s %s", proxy_uri ? "proxy" : "OCSP responder", next_hop_uri->hostinfo); return NULL; Are you sure that cafe.ro is correctly resolving to 127.0.0.1 on your system? There is nothing obviously wrong with the code, if there is a reproducible problem with 2.4.43 please reopen and provide the requested debug-level log output. |