fix: Keep OCSP responder running on invalid request

Added the openssl ocsp flag to ignore malformed requests. The OCSP responder now continues running instead of terminating upon receiving a malformed request.

When testing connectivity it is useful to be able to curl http://ocsp-responder:8888. Previous to this commit the responder would send 200 OK then exit. With this change we still get the 200 response but the responder remains active.
fix-revocation-examples
Matthew Vivian 2024-11-21 08:34:42 +00:00 committed by Guus der Kinderen
parent 836b0be3c2
commit 68a6a4ca3c
1 changed file with 2 additions and 1 deletion

@ -36,7 +36,8 @@ services:
-CA /ca/intermediate-ca/intermediate.crt \
-rkey /ca/ocsp-responder/ocsp.key \
-rsigner /ca/ocsp-responder/ocsp.crt \
-ndays 1 &
-ndays 1 \
-ignore_err &
# Use socat to create IPv6 and IPv4 listeners that forward to the OCSP responder
socat TCP6-LISTEN:8888,fork,ipv6-v6only=1 TCP4:127.0.0.1:8887 &
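
Review bot: the added `-ignore_err` line carries no explanation in the file, while the socat line right below it has a comment saying why it exists. Since a comment cannot sit inside the backslash-continued command, add one above the `openssl ocsp` invocation noting that the flag keeps the responder running when a malformed request arrives, such as a plain HTTP connectivity probe against port 8888. Separately, both the responder and socat are started with `&`, so if the responder exits for any other reason socat will still accept connections on 8888 with nothing listening on 127.0.0.1:8887; a container healthcheck that sends a real OCSP request would catch that case, which this flag does not cover.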