Perform OCSP requests via HTTP/1.1 instead of HTTP/1.0

According to https://docs.digicert.com/en/whats-new/change-log/certcentral-change-log.html#digicert-ending-support-for-http-1-0-connections-for-ocsp-and-crl-certificate-status-verification-checks-619426
Digicert stops supporting HTTP/1.0 for their OCSP responder, but still supports
HTTP/1.1. Hence switch to HTTP/1.1 to keep things working.
It is assumed that other OCSP responders support HTTP/1.1 as well.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1928222 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/ssl_util_ocsp.c b/modules/ssl/ssl_util_ocsp.c
index 855f02fc216fb89890c48ab06e2dd47ff47e9659..434ee48303a4639a44be34c192df8d5194ea7c5c 100644 (file)
--- a/modules/ssl/ssl_util_ocsp.c
+++ b/modules/ssl/ssl_util_ocsp.c
@@ -46,7 +46,7 @@ static BIO *serialize_request(OCSP_REQUEST *req, const apr_uri_t *uri,
         BIO_printf(bio, "http://%s:%d",
                    uri->hostname, uri->port);
     }
-    BIO_printf(bio, "%s%s%s HTTP/1.0\r\n"
+    BIO_printf(bio, "%s%s%s HTTP/1.1\r\n"
                "Host: %s:%d\r\n"
                "Content-Type: application/ocsp-request\r\n"
                "Connection: close\r\n"