MCPcopy
hub / github.com/vulcand/vulcand / ocspStapleToCert

Function ocspStapleToCert

proxy/server/server.go:500–520  ·  view source on GitHub ↗
(stapler stapler.Stapler, hostCfg engine.Host, keyPair *tls.Certificate, opts ...stapler.StapleHostOption)

Source from the content-addressed store, hash-verified

498}
499
500func ocspStapleToCert(stapler stapler.Stapler, hostCfg engine.Host, keyPair *tls.Certificate, opts ...stapler.StapleHostOption) {
501 if !hostCfg.Settings.OCSP.Enabled {
502 return
503 }
504
505 log.Infof("OCSP is enabled for %v, resolvers: %v", hostCfg, hostCfg.Settings.OCSP.Responders)
506
507 r, err := stapler.StapleHost(&hostCfg, opts...)
508
509 if err != nil {
510 log.Warningf("Failed to staple %v, error %v", hostCfg, err)
511 return
512 }
513
514 if r.Response.Status != ocsp.Good && r.Response.Status != ocsp.Revoked {
515 log.Warningf("Got undefined status from OCSP responder: %v", r.Response.Status)
516 return
517 }
518
519 keyPair.OCSPStaple = r.Staple
520}
521
522// Returns a certificate based on a hosts KeyPair settings.
523func certForHost(hostCfg engine.Host) (tls.Certificate, error) {

Callers 2

newTLSCfgMethod · 0.85
certFuncForHostFunction · 0.85

Calls 2

InfofMethod · 0.80
StapleHostMethod · 0.65

Tested by

no test coverage detected