|Summary:||OCSP Stapling should not serve OCSP responses from the cache even after they expire|
|Product:||Apache httpd-2||Reporter:||Taejoong Chung <tijay00>|
|Component:||mod_ssl||Assignee:||Apache HTTPD Bugs Mailing List <bugs>|
Description Taejoong Chung 2018-05-23 03:41:00 UTC
SSLStapling On; SSLStaplingStandardCacheTimeout 3600 (after one hour a new ocsp request is being done by mod_ssl) When the OCSP responses from the cache expire, it should go fetch a fresh OCSP response from the OCSP responder even though it still has some cycles to hit the SSLStaplingStandardCacheTimeout; but it keeps serving the expired response from the cache.