pogpp/lego
1
0
Fork 0
forked from TrueCloudLab/lego
Code Pull requests Activity

Merge pull request #104 from chrismoos/fix_ocsp

Browse source 
GetOCSPForCert should fail if there are no OCSP servers in the cert.
This commit is contained in:
Matt Holt 2016-02-07 05:43:23 -07:00
commit 4efc9abf53
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
acme/crypto.go
View file

@ -90,6 +90,10 @@ func GetOCSPForCert(bundle []byte) ([]byte, *ocsp.Response, error) {
issuedCert := certificates[0] issuedCert := certificates[0]
issuerCert := certificates[1] issuerCert := certificates[1]
if len(issuedCert.OCSPServer) == 0 {
return nil, nil, errors.New("no OCSP server specified in cert")
}
// Finally kick off the OCSP request. // Finally kick off the OCSP request.
ocspReq, err := ocsp.CreateRequest(issuedCert, issuerCert, nil) ocspReq, err := ocsp.CreateRequest(issuedCert, issuerCert, nil)
if err != nil { if err != nil {