You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → wolfSSL → WolfSSL API for OCSP stapling check
Hello,
I would like to know the wolfssl api for ocsp stapling check request from client to server.
1. I can see there are APIs defined, as EnableOCSP stapling and UseOCSPstapling...which one to be used? Also i can see UseOCSPstaplingV2.
2. Can these APIs, return the certificate status..?
Thanks
Does anyone implemented OCSP stapling check request at client side ? please reply.
Hi @SaravananG,
Thank you for reaching out to wolfSSL via the forums. Can you tell us a bit about your project and organization to help us understand your use-case and needs?
Yes wolfSSL implements OCSP stapling on the client side. We provide an example of using it with our examples:
$ cd wolfssl/
$ ./configure --enable-ocspstapling
$ make
$ ./examples/client/client -C -h <domain/IP of server> -p <port number> -A <The CA cert to use> -g -W 1Where -C forcefully disables CRL if it's enabled in favor of OSCP stapling, -g says to do a HTTP GET request and -W 1 says to use OCSP stapling v1 (use -W 2 for OCSP stapling version 2)
Regards,
KH
Hello Kaleb,
Thanks for the reply.
Currently we are using WolfSSL 4.0.0 with TLS 1.3 and would like to enable OCSP stapling.
we are using C language in the project.
When i gothrough the Client.c file in WolfSSL/examples, i could see
- wolfSSL_CTX_EnableOCSPStapling
- wolfSSL_UseOCSPStapling
are used in client side.
Can you clarify whether these functions are enough to invoke the status request ?
SaravananG,
Please use:
wolfSSL_CTX_EnableOCSPStapling()
wolfSSL_UseOCSPStapling()
wolfSSL_CTX_EnableOCSP()Warm Regards,
KH
wolfSSL - Embedded SSL Library → wolfSSL → WolfSSL API for OCSP stapling check
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.017 seconds (90% PHP - 10% DB) with 12 queries