nihilist/acme.sh
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix haproxy deploy hook ocsp update

Browse Source 
fixes ocsp reponse update failing with `Responder Error: unauthorized (6)`
by removing `-no_nonce` switch from `openssl oscp` command .
This commit is contained in:
Felix Bünemann 2020-05-02 22:14:21 +02:00 committed by GitHub
parent c3d7f5b28b
commit cf5952f508
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
deploy/haproxy.sh
View File

@ -233,7 +233,6 @@ haproxy_deploy() {
-header Host${_header_sep}\"${_ocsp_host}\" \ -header Host${_header_sep}\"${_ocsp_host}\" \
-respout \"${_ocsp}\" \ -respout \"${_ocsp}\" \
-verify_other \"${_issuer}\" \ -verify_other \"${_issuer}\" \
-no_nonce \
${_cafile_argument} \ ${_cafile_argument} \
| grep -q \"${_pem}: good\"" | grep -q \"${_pem}: good\""
_debug _openssl_ocsp_cmd "${_openssl_ocsp_cmd}" _debug _openssl_ocsp_cmd "${_openssl_ocsp_cmd}"