Boann

Asked: 2012-07-27 19:53:20 +0800 CST2012-07-27 19:53:20 +0800 CST 2012-07-27 19:53:20 +0800 CST

Remove specified OCSP responder from certificate

OCSP is brain-damaged and a privacy violation. Is there a way I can remove the specified OCSP responder from a certificate file to prevent my site's visitors from having to suffer it?

From what I understand, OCSP stapling would be great if it had browser support, though unfortunately I cannot use it at all in my current server configuration. :(

1 Answers

Voted

Best Answer

Shane Madden
2012-07-27T20:43:51+08:002012-07-27T20:43:51+08:00
I don't believe so. Modifying the X.509 attributes in the public certificate would change the certificate's thumbprint hash, and invalidate the signature from the CA that issued the certificate.
5

Remove specified OCSP responder from certificate

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?