jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

HS 2.0 server: Allow OCSP responder to continue running after errors

Browse source 
By default, 'openssl ocsp' exits upon receiving a malformed request.
That's not really ideal for a server, so configure openssl to not do
that and instead, continue running to process other requests.

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2020-03-07 13:26:56 +02:00
parent ca8a51c4bb
commit 87998f80e7
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
hs20/server/ca/ocsp-responder.sh
View file

@ -1,3 +1,3 @@
#!/bin/sh
openssl ocsp -index demoCA/index.txt -port 8888 -nmin 5 -rsigner ocsp.pem -rkey ocsp.key -CA demoCA/cacert.pem -text
openssl ocsp -index demoCA/index.txt -port 8888 -nmin 5 -rsigner ocsp.pem -rkey ocsp.key -CA demoCA/cacert.pem -text -ignore_err