Open Bug 811326 Opened 12 years ago Updated 1 year ago

Extend httpserv to implement OCSP server functionality

Tracking

(Not tracked)

Status:

NEW

People

(Reporter: KaiE, Unassigned)

References

(Blocks 1 open bug)

Details

Kai Engert [:KaiE:]

Reporter

Description

•

12 years ago

We should extend httpserv to act as an OCSP server. I propose that URLs that start with /ocsp shall be handled by new OCSP server logic. I propose to add a new command line option to httpserv: --ocspsigner nickname and we should allow to specify that option multiple times, allowing a single process to provide responses for multiple CAs. I want to start with the basic scenario, where CA == OCSP signer. (We can figure out a way to support separate dedicated OCSP signer certs at a later time.) The code shall require that the NSS database contains the private keys for all specified OCSP signers.

Kai Engert [:KaiE:]

Reporter

Updated

•

12 years ago

Blocks: 811327

BMO Automation

Updated

•

2 years ago

Severity: normal → S3

Benjamin Beurdouche [:beurdouche]

Updated

•

1 year ago

Severity: S3 → N/A

Type: defect → enhancement

Priority: -- → P5

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Extend httpserv to implement OCSP server functionality

Categories

(NSS :: Tools, enhancement, P5)

Tracking

(Not tracked)

People

(Reporter: KaiE, Unassigned)

References

(Blocks 1 open bug)

Details

Crash Data

Security

(public)

User Story

Description

Updated

Updated

Updated