mod_nss NSS OCSP statements in Apache virtual context are global

Solution Verified - Updated -

Issue

mod_nss does not seem to provide with VirtualHost context for NSSOCSP statements, but "only" for a global context, except with NSSengine.
If the nss.conf file contains one, single VirtualHost block, then everything works finei with the NSSOCSP statements.

If it contains two VirtualHost blocks listening on two different sockets with two different server certificates, it does not set two different default OCSP responders correctly.
This makes it difficult to set up different VirtualHosts in a nss.conf file for different uses.

Environment

  • iWas tested on Red Hat Enterprise Linux 4
    Red Hat Enterprise Linux AS release 4 (Nahant Update 7)
Linux ms2-cs7-2.sjc.redhat.com 2.6.9-78.EL #1 Wed Jul 9 15:27:01 EDT 2008 i686 i686 i386 GNU/Linux
  • mod_nss and Apache
    Name        : mod_nss                      Relocations: (not relocatable)
Version     : 1.0.8                             Vendor: Red Hat, Inc.
Release     : 1.el5idm                      Build Date: Mon 04 May 2009
  • nss and nspr
    nss-3.12.3.99.3-1.el4
nspr-4.7.4-1.el4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content