57159 – mod_ssl OCSP Stapling directives don't support per-certificate settings

Bug 57159 - mod_ssl OCSP Stapling directives don't support per-certificate settings

Summary: mod_ssl OCSP Stapling directives don't support per-certificate settings

Status:	NEW

Alias:	None

Product:	Apache httpd-2
Classification:	Unclassified
Component:	mod_ssl (show other bugs)
Version:	2.5-HEAD
Hardware:	All All

Importance:	P2 minor (vote)
Target Milestone:	---
Assignee:	Apache HTTPD Bugs Mailing List

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-10-28 20:18 UTC by Jeff Trawick
Modified:	2014-10-28 20:18 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Jeff Trawick 2014-10-28 20:18:54 UTC

Some of the directives apply to responders, which are tied to certificates, of which you can have multiple per vhost.  But the directives apply to all certificates used by the vhost.

SSLStaplingForceURL is the most likely concern AFAIK, and even that would be a rare issue since overriding the responder URL is uncommon and multiple certificates per vhost is uncommon.

http://httpd.apache.org/docs/trunk/mod/mod_ssl.html#sslstaplingforceurl

I don't think this is a present concern.