[squid-users] OCSP stapling and must-staple

Niklas Bachmaier niklas.bachmaier at googlemail.com
Mon Nov 13 10:21:46 UTC 2017


Hello everyone

The last post I found on OCSP with Squid is from 2015 where it says
that Squid does not support OCSP by any means.

For certificate revocation checking we would like to make use of the
OCSP must-staple feature (defined in RFC 7633). We are asking
ourselves if OCSP stapling and especially must-staple is now supported
by Squid and, if it is, if there is any special configuration needed
to activate it.

We are currently using Squid 3.5 with OpenSSL version 1.0.2m from 2 Nov 2017.

Thanks already for any input on this!

Niklas


More information about the squid-users mailing list