[NAS-108202] bad signature because OCSP stapling not activated in the nginx config file - iX - Bug Tracker (Jira)

XML

Word

Printable

Details

Type: Bug
Status: Done (View Workflow)
Priority: Low
Resolution: Complete
Affects Version/s: 12.0-RELEASE
Fix Version/s: SCALE-22.02 (Angelfish), SCALE-21.04-ALPHA.1
Component/s: WebUI
Labels:
- ready_for_review

Description

Most browsers currently have the stapling check set to true

e.g. Firefox/Chrome security.ssl.enable_ocsp_stapling = true

As a result, even if the certificate is valid, the browser still throws "SEC_ERROR_OCSP_BAD_SIGNATURE".

cause : stapling is not uncommented in the nginx config file when the certificate is configured.

ssl_stapling on;
ssl_stapling_verify on;

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

Attachments

debug-theone-20201104160450.tgz
1.78 MB
04/Nov/20 10:07 AM
image-2020-11-05-14-56-20-450.png
55 kB
05/Nov/20 8:56 AM

Attachments

JEditor

Activity

People

Assignee:: Waqar Ahmed

Reporter:: Jan

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 04/Nov/20 3:04 AM

Updated:: 02/Mar/21 10:59 AM

Resolved:: 02/Mar/21 10:59 AM