Mercurial > hg > nginx
comparison src/http/modules/ngx_http_ssl_module.h @ 4875:386a06a22c40
OCSP stapling: loading OCSP responses.
This includes the ssl_stapling_responder directive (defaults to OCSP
responder set in certificate's AIA extension).
OCSP response for a given certificate is requested once we get at least
one connection with certificate_status extension in ClientHello, and
certificate status won't be sent in the connection in question. This due
to limitations in the OpenSSL API (certificate status callback is blocking).
Note: SSL_CTX_use_certificate_chain_file() was reimplemented as it doesn't
allow to access the certificate loaded via SSL_CTX.
| author | Maxim Dounin <mdounin@mdounin.ru> |
|---|---|
| date | Mon, 01 Oct 2012 12:47:55 +0000 |
| parents | dd74fd35ceb5 |
| children | 4a804fd04e6c |
comparison
equal
deleted
inserted
replaced
| 4874:d1a20423c425 | 4875:386a06a22c40 |
|---|---|
| 42 | 42 |
| 43 ngx_shm_zone_t *shm_zone; | 43 ngx_shm_zone_t *shm_zone; |
| 44 | 44 |
| 45 ngx_flag_t stapling; | 45 ngx_flag_t stapling; |
| 46 ngx_str_t stapling_file; | 46 ngx_str_t stapling_file; |
| 47 ngx_str_t stapling_responder; | |
| 47 | 48 |
| 48 u_char *file; | 49 u_char *file; |
| 49 ngx_uint_t line; | 50 ngx_uint_t line; |
| 50 } ngx_http_ssl_srv_conf_t; | 51 } ngx_http_ssl_srv_conf_t; |
| 51 | 52 |