Re: Problem with TLS handshake in some browsers when OCSP stapling enabled

Hello! On Thu, Dec 12, 2013 at 11:59:26AM +0400, kyprizel wrote: > Hi, > we got a problem with OCSP stapling. > > During the handshake some browsers send TLS extension "certificate status" > with more than 5 bytes in it. > In Nginx error_log it looks like: > > [crit] 8721#0: *35 SSL_do_handshak

Problem with TLS handshake in some browsers when OCSP stapling enabled

Hi, we got a problem with OCSP stapling. During the handshake some browsers send TLS extension "certificate status" with more than 5 bytes in it. In Nginx error_log it looks like: [crit] 8721#0: *35 SSL_do_handshake() failed (SSL: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag er