mod_nss NSS OCSP statements in Apache virtual context are global
Issue
mod_nss does not seem to provide with VirtualHost context for NSSOCSP statements, but "only" for a global context, except with NSSengine.
If the nss.conf file contains one, single VirtualHost block, then everything works finei with the NSSOCSP statements.
If it contains two VirtualHost blocks listening on two different sockets with two different server certificates, it does not set two different default OCSP responders correctly.
This makes it difficult to set up different VirtualHosts in a nss.conf file for different uses.
Environment
- iWas tested on Red Hat Enterprise Linux 4
Red Hat Enterprise Linux AS release 4 (Nahant Update 7) Linux ms2-cs7-2.sjc.redhat.com 2.6.9-78.EL #1 Wed Jul 9 15:27:01 EDT 2008 i686 i686 i386 GNU/Linux
- mod_nss and Apache
Name : mod_nss Relocations: (not relocatable) Version : 1.0.8 Vendor: Red Hat, Inc. Release : 1.el5idm Build Date: Mon 04 May 2009
- nss and nspr
nss-3.12.3.99.3-1.el4 nspr-4.7.4-1.el4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.