gnutls-cli logs only the first stapled OCSP response
I'm working on implementing multi-staple in mod_gnutls, and when testing with gnutls-cli found that it would never log more than one stapled response. A look at the code shows that it uses only
gnutls_ocsp_status_request_get to get the response, not
Versions of gnutls tested:
- 3.6.9 from Ubuntu
- local build of master at 85af4115
You can find my server-side WIP for mod_gnutls in the wip-ocsp-multi-staple on Github, if you'd like to test with it.
I have a patch that fixes the logging issue (airtower-luna/[email protected]), but the same problem affects the
--save-ocsp option. What would be the best way to fix that? Dumping multiple DER responses into one file seems questionable.