OCSP stapling: ssl_trusted_certificate directive. The directive allows to specify additional trusted Certificate Authority certificates to be used during certificate verification. In contrast to ssl_client_certificate DNs of these cerificates aren't sent to a client during handshake. Trusted certificates are loaded regardless of the fact whether client certificates verification is enabled as the same certificates will be used for OCSP stapling, during construction of an OCSP request and for verification of an OCSP response. The same applies to a CRL (which is now always loaded).

GNUmakefile, in svn it is available since 0.4.0 only.


make -f misc/GNUmakefile release

the required tools:
*) xsltproc to build CHANGES,
*) java and XSLScript ( http://pault.com/pault/XSLScript/ ) to build XSLTs
   from XSLScript sources.


make -f misc/GNUmakefile icons

the required tool:
*) netpbm to create Win32 icons from xpm sources.