
OCSP requests received with cert=issuer=null when server started with PFX #4127

Closed
@djphoenix


Test script: https://git.phoenix.dj/snippets/6
Place it into a folder that contains:

  1. cer.cer: certificate that contains OCSP responder address
  2. cer.key: keyfile for certificate
  3. ca.cer: certificate issuer
  4. cer.pfx: PFX with certificate, ca and key (openssl pkcs12 -export -in cer.cer -inkey cer.key -certfile ca.cer -out cer.pfx -password pass:)

Then run node ocsptest.js
On work PC (Mac OS X El Capitan, homebrew version):

$ node ocsptest.js 
Node version: v4.1.1 

--- Testing CER+KEY ---
OCSP request { cert: true, issuer: true }
OCSP request { cert: true, issuer: true }
closing...

--- Testing CER+KEY+SNICRT ---
OCSP request { cert: true, issuer: true }
SNI 127.0.0.1
OCSP request { cert: true, issuer: true }
closing...

--- Testing CER+KEY+SNIPFX ---
OCSP request { cert: true, issuer: true }
SNI 127.0.0.1
OCSP request { cert: false, issuer: false }
closing...

--- Testing PFX ---
OCSP request { cert: false, issuer: false }
OCSP request { cert: false, issuer: false }
closing...

--- Testing PFX+SNICRT ---
OCSP request { cert: false, issuer: false }
SNI 127.0.0.1
OCSP request { cert: true, issuer: true }
closing...

--- Testing PFX+SNIPFX ---
OCSP request { cert: false, issuer: false }
SNI 127.0.0.1
OCSP request { cert: false, issuer: false }
closing...

Done

On my server (Debian GNU/Linux 8, deb.nodesource.com/node_4.x):

$ node ocsptest.js 
Node version: v4.2.2 
... exactly the same

VMware (Debian GNU/Linux 8, deb.nodesource.com/node_5.x):

$ node ocsptest.js 
Node version: v5.1.0 
... exactly the same
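
A defensive handler for the case shown in the output above, as an added example that is not part of the original issue or of the Node.js code base: a `tls.Server` `'OCSPRequest'` listener that lets the handshake continue unstapled and counts the event when `certificate` or `issuer` arrives as null. `makeOcspHandler`, `fetchStaple`, `maxAgeMs`, `now` and `log` are hypothetical names; `fetchStaple` stands in for whatever queries the OCSP responder.

```javascript
// Added example; makeOcspHandler, fetchStaple, maxAgeMs, now and log are hypothetical names.
// fetchStaple(certificate, issuer, cb) is assumed to call cb(err, Buffer) with a DER OCSP response.
function makeOcspHandler(fetchStaple, opts = {}) {
  const maxAgeMs = opts.maxAgeMs || 60 * 60 * 1000; // assumed cache lifetime, keep below nextUpdate
  const now = opts.now || Date.now;
  const log = opts.log || (() => {});
  const cache = new Map(); // base64(DER certificate) -> { resp, fetchedAt }
  const stats = { stapled: 0, missingCert: 0, fetchErrors: 0 };

  function handler(certificate, issuer, callback) {
    // The case from the issue: a PFX-backed context delivers null for both arguments.
    // Passing an error to callback would destroy the socket, so answer (null, null)
    // to let the handshake finish without a stapled response, and record it.
    if (!Buffer.isBuffer(certificate) || !Buffer.isBuffer(issuer)) {
      stats.missingCert++;
      log('OCSPRequest without certificate/issuer, no staple sent');
      return callback(null, null);
    }
    const key = certificate.toString('base64');
    const hit = cache.get(key);
    if (hit && now() - hit.fetchedAt < maxAgeMs) {
      stats.stapled++;
      return callback(null, hit.resp);
    }
    fetchStaple(certificate, issuer, (err, resp) => {
      if (err || !Buffer.isBuffer(resp)) {
        stats.fetchErrors++;
        log('OCSP fetch failed, no staple sent');
        return callback(null, null);
      }
      cache.set(key, { resp, fetchedAt: now() });
      stats.stapled++;
      callback(null, resp);
    });
  }
  handler.stats = stats; // exposed so monitoring can alert on missingCert > 0
  return handler;
}
// Usage: server.on('OCSPRequest', makeOcspHandler(myFetch, { log: console.warn }));
```

A non-zero `missingCert` counter on a server that is expected to staple indicates the PFX condition reported here.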

Labels: tls (Issues and PRs related to the tls subsystem.)